Announcement

Collapse
No announcement yet.

Rogue Advert?

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Rogue Advert?

    Just tried to get on phoronix and was redirected to this crap -

    https://www.andyqos.ukfsn.org/antiv-2.png


    Edit heres one that showes the site name.

    https://www.andyqos.ukfsn.org/antiv.png


    I must admit I was booted into an old setup with an out of date seamonkey, but It's only phoronix that did it, so I don't think it was anything my end as such, but as I don't normally use that partition anymore I could be wrong.

    What do you think - if it wasn't me but one of Phoronixes ad "partners" that did it I think it's deceitful and unacceptable for a responsible site to be associated with such an ad - or maybe one of them has been hacked?
    Last edited by legume; 24 February 2009, 08:22 AM.
    Tags: None
  • #2
    Originally posted by legume View Post
    Just tried to get on phoronix and was redirected to this crap -

    https://www.andyqos.ukfsn.org/antiv-2.png


    Edit heres one that showes the site name.

    https://www.andyqos.ukfsn.org/antiv.png
    And again - same ad different names - I've been using this browser over the weekend and not one other site has been affected - I go on phoronix today and it happens again, after I did forums -> login -> index.

    It offered me an exe this time, which I have. I also have a partial tcpdump and more screens if you are interested - which I would hope you are as it's now far more likely to be a Phoronix problem than an old browser one don't you think?

    Edit: the exe is MalwareDefender2009.exe.
    Last edited by legume; 09 March 2009, 08:53 AM.

    Comment

    • #3
      Since this is only happening to you, I was just wondering if you have tried another DNS server (such as openDNS)? You may be a victim of DNS hijacking.

      Comment

      • #4
        Originally posted by deanjo View Post
        Since this is only happening to you, I was just wondering if you have tried another DNS server (such as openDNS)? You may be a victim of DNS hijacking.
        It's possible I suppose, but it's only ever happened twice and both times Phoronix + old browser.

        There are three other PCs on this LAN using the same DNS and I normally use a more up to date setup and this or anything similar has never occurred.

        I'll have to remember to start a tcpdump before I go on phoronix on the few occasions I am booted into this old setup.

        Comment

        Previous template Next
        Working...
        X