Clicking on SDMB link redirects my mobile device to porn site (WAS: Should SDMB obey own rules?)

[Mangetout]

At the start of the thread, I didnt know exactly how the porn links were getting launched, but I’m fairly sure it’s the same phenomenon.

I agree, it does sound like a local infection, or at least, it would, but for the fact that I’ve seen it on more than one non-windows device, and only in association with this site.

Pretty sure a bit of malicious javascript in an ad can redirect a link on the same page, technically.

[Ed_Zotti]

At this point I’m thoroughly confused about the problem you’re experiencing, except that you wind up getting redirected to porn sites. Since you’re the only one reporting this, I have to conclude the issue is local to you.

If others DO have this problem, please provide as much detail as you can, including screen shots if possible and exactly what you did on our site that triggered the redirection.

[DrDeth]

DrDeth:

So, which thread and which link? Cause this sounds like malware on your device, not a SDMB issue.

So, which thread and which link?

[TBG]

Jackmannii:

Come-on for the latest ad: “300,000 celebrities with higher IQs than Kim Kardashian”.

I was going to question why only 300,000, then I realized click bait garbage shit sites like that always save a lot for future articles, so I look forward to "“300,000 more celebrities with higher IQs than Kim Kardashian” parts 2 through infinity.

[Mangetout]

DrDeth:

So, which thread and which link?

It was the GQ thread about the abbreviation for thousands, but that hardly matters. When I went back and revisited the link, it went to the thread.

[DrDeth]

Mangetout:

It was the GQ thread about the abbreviation for thousands, but that hardly matters. When I went back and revisited the link, it went to the thread.

Thus, it was your computer not the SDMB.

[Mangetout]

DrDeth:

Thus, it was your computer not the SDMB.

Not necessarilyat all.

I’m pretty sure a bit of javascript can divert links on the page in which it runs (after all, the viglink thing works pretty much like that)

[Irishman]

Jackmannii:

I think the Dope deliberately seeks out advertisers who use revolting clickbait in order to spur users to become members (and thus avoid the ads). The downside to this strategy is that Dopers tend to have a very high gross-out threshold.

Nah, they’re just seeking out advertisers that pay the highest rate - which happens to be the lowest common denominator clickbait ad providers.

Claverhouse:

Apart from the fact I don’t do multipage articles, and they made my computer run very slow, these seem just sad rather than offensive. Very populist, and with extra-added adverts on each site you go to.

They do seem to be designed to ad the most clutter to any article as possible, make the interaction the most difficult and least enjoyable. I particularly hate the series of pictures with a small caption/paragraph for each, and you have to click to roll to the next image. I also hate the ones that contain only a paragraph or two of text per page. Annoying as shit to have to load 20 pages to read an article that would fit on one page.

[Mangetout]

I’ve just scanned this tablet with three different AV apps (AVG, Avast, Sophos). Nothing found.

[alexandra]

Mangetout:

It just happened again - I opened a thread link in GQ and it redirected to a porn site via a domain called daterex. This time it is on an Android tablet in firefox (I checked it for suspicious plugins and helpers - nothing).

The same problem is being discussed on another board here : http://touch.boards.ie/thread/2057338557/1

The exact thing just happened to me with the same domain - daterex. I’m on an iPad. I’d clicked on a stored sdmb link in my browser. I think it was to cafe society. Some porn site along the lines of bunga bunga came up.

[Mangetout]

I did a little more googling on this topic (including the daterex domain name) - they’re having the same problem at other boards including TVTropes- they’re describing exactly the same symptoms there - certain ads targeting mobile browsers and injecting something that redirects ordinary links within the page to porn/adult dating sites, fake AV apps and fake chat sessions.

[Ed_Zotti]

alexandra:

The exact thing just happened to me with the same domain - daterex. I’m on an iPad. I’d clicked on a stored sdmb link in my browser. I think it was to cafe society. Some porn site along the lines of bunga bunga came up.

If there’s something getting placed on our pages that redirects people to porn sites, we’ll certainly want to put a stop to it. However, we need some more detail. Please be as specific as you can. Here’s what I’m hearing so far - Mangetout and Alexandra, pls confirm:

1. This affects mobile devices only. So far I’ve seen reports for both iPad (Apple iOS - Safari?) and Android tablet/Firefox. I don’t think this has occurred on desktop computers but references to clicks make me wonder.

2. You were clicking on a link to another SDMB page when redirected. Was this link in the thread list for a particular forum?

3. When redirected, the domain “daterex” appeared in the address box.

4. You were taken to a porn site. Please describe what about the site leads you to think this. (“Porn site” gives me little to go on.)

To see if others are having this problem, I’m changing the name of this thread to reflect the issue being reported.

If you have this problem, PLEASE SEND A SCREEN SHOT IF POSSIBLE. Sorry for the inconvenience.

[Mangetout]

1. Yes - only mobile devices in my experience - a borrowed iPad (which I don’t have regular access to, so can’t go back and look at details) and my own Android tablet. If I said ‘click’ at any point, I actually meant ‘visit link’ or ‘tap on something on the screen’

2. Not sure - on one occasion, I was just trying to open up a thread, but on other occasions, the rogue pages just seemed to launch as I was trying to scroll.

3. I wasn’t aware of the redirect domain at the time, as neither of the browsers I used had a conspicuous address box - they were both configured for full screen browsing, however, the daterex redirect was visible in the history; specifically, the redirect URLs were (spoilered and munged by insertion of @@@ before TLD - DO NOT VISIT THESE LINKS) :http://live-543.daterex.@@@com/redirect.html
   and
   http://live-542.daterex.@@@com/redirect.html
   

4. So far, I have been redirected (on different occasions) to sites including:
   [ul]
   [li]A site showing a whole page image of a full frontal, entirely nude female model (I didn’t stay there long enough to read any of the text or links on the page)[/li][li]A fake chat client where I was supposedly communicating with someone called ‘Samantha’[/li][li]An adult dating/hookup site proclaiming itself ‘better than fuckbook’, with a cartoon/line drawing image graphically depicting penetrative intercourse[/li][li]A ‘Free Live Sex Cams’ website on which there was a grid of thumbnails of various sex acts/breasts/genitalia[/li][/ul]
   Links (again, broken by insertion of @@@ before TLD - DO NOT VISIT THESE LINKS) to a couple of examples of these:[spoiler]http://bongacams.@@@com/?bcs=cGVyaTdlMzBkNjhhZmVlMTAxMWZhMGM5NjJmNGQxZmQxZDNhOjoxNzgzNDY6Omh0dHA6Ly9saXZlLTU0My5kYXRlcmV4LmNvbS9yZWRpcmVjdC5odG1sOjpnR0JBRDE0MTIzMTAwMjUwMDAwMDEwMjgyODAwMjFjY2ZXRjBUQU4zNDUwMDE3NDdLMDAwMzgzOjo6OjI2NTIxNTo6MDo6MA~~

and

http://mobile-notifications.@@@com/chat/encj1/Samantha/chat.html?voluumdata=vid…00000002-b038-4b11-8000-000000000000__vpid…e352b800-8f8c-11e4-8696-2003b1875e5b__caid…24a87511-4502-4abe-9e5f-54b63f328204__lid…4bed81ee-bb37-4692-87ff-942f8ad80e13__rt…R__oid1…025a4057-0518-4c02-938d-ef08fa96ea98__var1…120010__var2…GB__var3…live-542%5C.%5Cdaterex%5C.%5Ccom__var4…Android-Tablets&c1=120010&c2=GB&c3=live-542.daterex.com&c4=Android-Tablets
[/spoiler]
I believe what’s happening here is ‘clickjacking’ - where code in a rogue ad is placing links in a transparent page over the top of legitimate SDMB content (this may explain why I was experiencing the problem both on attempting to visit SDMB links, but also spontaneously when I just touched the screen to scroll)

[alexandra]

Ed_Zotti:

If there’s something getting placed on our pages that redirects people to porn sites, we’ll certainly want to put a stop to it. However, we need some more detail. Please be as specific as you can. Here’s what I’m hearing so far - Mangetout and Alexandra, pls confirm:

1. This affects mobile devices only. So far I’ve seen reports for both iPad (Apple iOS - Safari?) and Android tablet/Firefox. I don’t think this has occurred on desktop computers but references to clicks make me wonder.

2. You were clicking on a link to another SDMB page when redirected. Was this link in the thread list for a particular forum?

3. When redirected, the domain “daterex” appeared in the address box.

4. You were taken to a porn site. Please describe what about the site leads you to think this. (“Porn site” gives me little to go on.)

To see if others are having this problem, I’m changing the name of this thread to reflect the issue being reported.

If you have this problem, PLEASE SEND A SCREEN SHOT IF POSSIBLE. Sorry for the inconvenience.

Yes this has happened to me on an iPad only but I seem to remember I was using the chrome browser. Yes, click was just an expression. I had tapped a stored link for the cafe society forum. I wasn’t actually browsing the sdmb at the time. It didn’t happen again when I retried an sdmb link.
No. 3 is correct. It was a porn site as in naked women in very sexualised poses, from what I remember. I x’ed out instinctively but will screenshot if it happens again. ETA: I think it was the same as mangetout, NSFW link in the tag… very very NSFW link: http://bongacams.@@@com/?bcs=cGVyaTdlMzBkNjhhZmVlMTAxMWZhMGM5NjJmNGQxZmQxZDNhOjoxNzgzNDY6Omh0dHA6Ly9saXZlLTU0My5kYXRlcmV4LmNvbS9yZWRpcmVjdC5odG1sOjpnR0JBRDE0MTIzMTAwMjUwMDAwMDEwMjgyODAwMjFjY2ZXRjBUQU4zNDUwMDE3NDdLMDAwMzgzOjo6OjI2NTIxNTo6MDo6MA~~

[Ed_Zotti]

Thanks, will see what I can find out.

[Mangetout]

It’s still happening on mobile browsers when I’m not logged in.

I’ve tried to carefully observe the behaviour each time it happens and it appears to just be triggered by a touch of the screen, including white space - i.e. a hijack of the whole page area, not specific to links (although obviously opening a link also involves touching the screen, so it’s easy to percieve it as a problem with a topic link).

I’m not sure what I could actually take a screenshot *of *to demonstrate the problem. The SDMB thread list looks normal, but every now and again, touching the screen immediately opens up a new window containing one of the porn/chat/etc sites.

[Kenm]

Mangetout:

I’m not sure what I could actually take a screenshot *of *to demonstrate the problem. The SDMB thread list looks normal, but every now and again, touching the screen immediately opens up a new window containing one of the porn/chat/etc sites.

A screen shot would include the URL strip, if that’s not hidden in full-screen mode, which might show some porn server.

For anyone using an iPad who doesn’t know how to make a screen shot, push the home button and power switch at the same time. The screen will flash and the pic will show up in the camera roll.

[Mangetout]

Sure - but I can get the URLs out of the history (and did so above).

What probably would have been useful is a screenshot of the menu box that normally appears when you long-press a link (showing the target URL in the title and offering ‘open in a new tab’ etc), but I don’t think this is possible - because when the malware redirect strikes, it does so as soon as the user touches the page, so a long-press is circumvented)