Malware

I concur. I got hit twice in the last couple of days (thankfully, AVG caught it both times) and I have now resolved not to open the SDMB anymore without using a browser with AdBlock.

And I’m one of those people who considers it “stealing” to look at a website and block the ads. That’s how fed up I am with this malware problem.

My apologies to you and others who are having difficulties. We’re trying to get to the bottom of this. We believe this problem is associated with an ad served up by one of our ad brokers, Rubicon or Google. These companies serve up hundreds of ads; we’ll get better results if we can establish which one is causing problems. Please note that ads aren’t associated with particular threads (other than Google text ads, which we don’t think are the problem). Questions:

  1. You say a “java exploit tried to hit.” What leads you to say this?

  2. You say that your system was then hit with “Antivir Solution Pro.” What exactly happened? Did you see a popup with this title?

  3. What OS, browser and version are you using?

  4. Do you know what if any ads were visible at the time this occurred?

Is everyone else having the same problem as markm? I realize screen shots may not be practical, but the more info you can provide, the sooner we’ll get this resolved.

This.

I use Adblock and have had not one single, solitary problem with malware from the SDMB.

Of course, I’d also like to echo the sentiment stated above that for years, I frequented many, many other forums without the aid of Adblock, and never had any problems with malware. So it does seem that the SDMB is not exactly vigilant at parsing its ad sources. Pity.

This may or may not be significant. Infected advertising on otherwise innocuous websites has exploded in the last six months. Many, many other websites that serve advertising are having the same problems today, when they did not only a short time ago.

What I am starting to see a lot (I got a warning this morning) is an AVG warning when I open the SDMB that "this site is a known exploit, phishing or social engineering website and therefore has been blocked" etc.
I sent a screen shot to Tuba.

The problem seems to be almost exclusive to Internet Exploder. I run Firefox and have never had a hint of a problem. No one running Opera or Safari has mentioned having a problem, either, as far as I can remember. If you use an easily exploitable browser, you are going to get exploited, sooner or later. The black-hats always find a way around everything the ad servers try to stop them.

Oops, should have added that I am running firefox 3.6.8
(thanks for reminding me, Cheshire).

Interesting. Didn’t know that.

That sucks. (Obviously.)

I’m running firefox 3.6.6.

As I recall (imperfectly, I’m sure), the sequence of events was a popup telling me that there was a problem with java and asking if I wanted to stop running it on this page. That had actually happened a few times previously, but I’d always just shut down and restarted firefox without incident. This particular time I accidentally clicked somewhere on the message, and then started getting the ‘antivir’ popups, which basically just took over. I couldn’t exit firefox or shut down normally, and it also provided some delightful messages like “Your computer is is infected with somevirusname, most likely from visiting longlistofpornsites.”

Three successively earlier system restores and a virus scan later, the problem seems to be resolved, and I haven’t had any more problems since I started using adblock a couple of days ago.

I appreciate your concern and response, Ed, but you seem to still be missing the essential point. Attempts to track down the particular ads that are causing the problem avoid the larger issue with your ad provider.

Your ad providers are dealing your business continual problems that are detrimental to the business.

A little less Gormless Wienie and a little more firm business man should eliminate the problem, if you please.

All of them? How do you know that?

When I was younger I used to have the idea that if I called up business people I was unhappy with and ordered them to FIX THIS NOW GODDAMMIT, I would get results. I seldom did. Later I adopted the policy of first trying to establish what exactly the offending party was doing wrong, and what he needed to do to fix it, and then explaining this in calm terms. My success rate since then has been much better. CWN has been kind enough to provide us with a screen shot of the problematic popup. This gives me something to work with. To further get a handle on matters, I’d appreciate it if all who have had this issue can confirm that they saw a popup with the following heading:

“Danger: AVG Active Surf-Shield has detected threats on this page and has blocked access for your protection.” (Some additional text in smaller type follows.)

If you are seeing a DIFFERENT popup (or other strange behavior), pls report this also. As always, indicate OS, browser, and version number. Thanks for your help.

Seems better today, thanks. I got 3 fake AV’s that only switched my screen to something smaller.

When I started my business in 1992, I used to think that if I forced my customers to go through a process that was easiest for me, when diagnosing problems with my company, they would comply and continue being my customers.

But alas…

My personal computer, at work, got fucked by this thing. I’m bringing in somebody to fix it. I don’t know how to do it myself. It happened just like people on here are describing. I’m not a computer guy; I’m a photographer. I don’t know what version my OS is and I don’t know how to take a screen shot, or whatever.

This sucks.

When I was a manager and customers were experiencing recurring problems I was simply told that the situation was unacceptable and could not continue, or I would not continue. And I solved problems, sometimes at the expense of the vendor. Because there are always more vendors who want the business.

But the SDMB seems content to keep putting out the same fire over and over, month after month.

And you’ll be back at it again, putting out a new/old fire, with the same old lack of enthusiasm next month.

I’ve been hit with this twice in the past week. Chacoguy pretty much said what I was going to. If this was a first time issue with the site you may find people would be more accommodating, but seeing as how this is an ongoing issue and you have done…well nothing as far as I can tell to stop it, maybe it’s time to consider new management for the SDMB.

Despite everybody yelling and screaming, I’ve yet to see anyone actually leave because of this.

And pretty much everyone on the net is having these problems if they don’t broker their ads themselves, because the ad model is broken, and the plugins that allow the ads are all not security conscious enough. There’s a reason I call Adblock a security tool.

It doesn’t work that way. The board is Ed’s, as the column it was based around is Ed’s. It’s not like this place is going to be sold. If it becomes more trouble than it’s worth, it will be shut down. The people who own the place have made this clear time and time again.

Blocking ads so the SDMB receives no money from my visit is more or less the same thing as leaving.

Yes, this is the popup I saw. Which actually doesn’t help you at all as AVG Surf-Shield is a legitimate security program which blocked the malware the SDMB was trying to serve up on my PC.

As someone said in a previous thread, the only way to fix this is to remove all ad providers and reintroduce them one at a time to figure out who’s causing this.

Blaming the person who got exploited for running a bad browser isn’t an acceptable excuse. A lot of us running IE to post here have no choice–i.e., we’re posting from work or public computers that we can’t install another browser on.

How many times are you going to calmly explain to the same ad servers that they’re giving your users malware before you realize that they don’t give a flying fuck as long as *they* keep making money, even if it’s screwing *you* over?

I can’t tell you what to do, but I can tell you that if this were my website, after the third or fourth exploit went out, every image-based ad would be cut out until I could get a guarantee that it would not release any further malware.

People don’t leave. They just start blocking ads–sometimes *instead of* sponsoring because, like me, they don’t like feeling forced into it. Which means that the SDMB *loses* revenue it would have gotten if it weren’t so concerned with making revenue at the possible expense of user security.