• Welcome to AlpineZone, the largest online community of skiers and snowboarders in the Northeast!

    You may have to REGISTER before you can post. Registering is FREE, gets rid of the majority of advertisements, and lets you participate in giveaways and other AlpineZone events!

Malicious URL warnings

polski

New member
Joined
Nov 29, 2007
Messages
758
Points
0
Location
NE MA
Website
twitter.com
Every time I go to an AZ page today, Avast anti-virus (working in Chrome) is dinging with a Malicious URL Blocked warning. Here are the details.

[h=2]Infection Details[/h]
URL:http://sportforme.c0m.li/yoO4TAbn2tpl5Dl...
Process:C:\Program Files (x86)\Google\Chrome\App...
Infection:URL:Mal
 

gmcunni

Active member
Joined
Feb 25, 2007
Messages
11,459
Points
38
Location
CO Franger
.li is the Internet country code top-level domain (ccTLD) for Liechtenstein.
 

Nick

Administrator
Staff member
Administrator
Joined
Nov 12, 2010
Messages
13,135
Points
48
Location
Bradenton, FL
Website
www.alpinezone.com
OK. I found the issue. It's with the ad serving system; not the forums. I've disabled for now until I get it fixed.
 

Nick

Administrator
Staff member
Administrator
Joined
Nov 12, 2010
Messages
13,135
Points
48
Location
Bradenton, FL
Website
www.alpinezone.com
You shouldn't be getting them any more.

I am going to research WTF is going on with the ad serving system. Somehow it was hacked and <iframe> were put into the ad code. :uzi:
 

gmcunni

Active member
Joined
Feb 25, 2007
Messages
11,459
Points
38
Location
CO Franger
i'm pissed because my symantec with advanced protection turned on didn't seem to notice anything ....
 

Nick

Administrator
Staff member
Administrator
Joined
Nov 12, 2010
Messages
13,135
Points
48
Location
Bradenton, FL
Website
www.alpinezone.com
Hey guys,

Just wanted to give you an update on this. We use a software called OpenX to rotate ads on the site. That comes from Google but also from our direct advertisers that you see here.

Anyway, shame on me, the ad system was outdated by two patch versions, and was vulnerable to hacking. The system was hacked and the advertisements on the page had <iframe> codes prepended on each one. It shouldn't have affected anyone on the site, in any event, but was cause for concern.

Yesterday I shut down the ad system entirely, so you don't see any ads on the site right now. I am working with a OpenX contractor to perform an upgrade on the ad server to the most current version. That should be done later today.

Again, my apologies for the concern you guys have had based on the warnings and thanks for all your reports and PM's. If anything else changes or if you still see any warnings, please do let me know ASAP.
 
Top