I am in a small town in NW Oregon, Dallas is the name of my cat. I will report all notifications Norton shows me while viewing the SDMB and post what the notifications say. I hope I can help.
I haven’t received any new warnings since this thread died out a few days after Christmas so perhaps the ad providers took some action.
Thanks. Checking all the URLs given above with McAfee SiteAdvisor, I get a green light for all the named sites, but a security warning for two of the three IP numbers, so you may be right that someone is spoofing legitimate sites.
It’s identified as a virus. I got it last night at 10:19:45 pm eastern; I’m in the New York area. Using Firefox 9.0.1, hadn’t put AdBlock on yet. It freaked me the fuck out, I wasn’t expecting something like that from a well-known site like this.
I’m happy to report that one of our ad providers, Rubicon, has succeeded in tracing the rogue ad above with the help of the Fiddler log provided by AnalogSignal. There were six hops all told, several of which happened off stage and so did not show up in the log, although AnalogSignal got the gist. The campaign has been halted and the party that let it through (a seemingly reputable digital media agency one hop down from Rubicon) has been notified. Our thanks to AnalogSignal for his assistance. We are continuing to pursue reports of other attacks and will advise of developments.
Mildly interesting thing I noticed:
I was just googling around for something and rubiconproject.com came up in the search result, the site is marked red (bad) for WOT (Web Of Trust).
This is the description of that rating: “Very poor reputation. This site is dangerous. We recommend using a website with a better reputation.”
What’s telling you this? It’s coming up green in both McAfee and Norton for me, as one would expect, since this is the company’s main corporate website.
I use firefox and WOT, when I google and rubiconproject.com appears in the list, the main site and all sub-pages have WOT’s red circle next to them.
This is a link to their scorecard, but it’s not exactly the same as what appears in google. In a google list you just get the red circle, don’t know how their algorithm arrives at red if all categories aren’t red
Note: see comments section for things people have run into on that site
Well, we have the SDSAB, so I was thinking of SDDOD, for Straight Dope Dept. of Defense. But we’ll leave it to him. We comped him on basic membership last time. I think next time I’ll have to send him a mug.