Results 1 to 14 of 14

Thread: Malicious Site

  1. #1
    Member saatuk's Avatar
    Join Date
    Nov 2012
    Location
    ontario
    Posts
    6

    Malicious Site

    Any idea why coming to PE via Opera gets a red screen with a 'malicious site' warning? It's been happening for weeks and I'm getting tired of it.
    There's nowt so queer as folk

  2. #2
    Member Zeuhlmate's Avatar
    Join Date
    Nov 2012
    Location
    Copenhagen, Denmark
    Posts
    7,261
    I have noticed it too.
    It seems to be an Opera 'feature' - if you choose the menu and 'about' then there is a link where you can 'rate' Opera and send them a comment about this.
    I have just done that.

  3. #3
    Member saatuk's Avatar
    Join Date
    Nov 2012
    Location
    ontario
    Posts
    6
    Done
    There's nowt so queer as folk

  4. #4
    Member lak611's Avatar
    Join Date
    Jun 2016
    Location
    Cleveland, OH
    Posts
    616
    My antivirus software is doing this.
    Screenshot (626).jpg
    Laura

  5. #5
    Member interbellum's Avatar
    Join Date
    Sep 2014
    Location
    Xymphonia-city
    Posts
    4,602
    Quote Originally Posted by lak611 View Post
    My antivirus software is doing this.
    Screenshot (626).jpg
    Mine (ESET) did too, but after a few days not anymore.

  6. #6
    Member lak611's Avatar
    Join Date
    Jun 2016
    Location
    Cleveland, OH
    Posts
    616
    Quote Originally Posted by interbellum View Post
    Mine (ESET) did too, but after a few days not anymore.
    I'll see what happens. I've been using the site on mobile with the Tapatalk app recently but haven't tried on desktop PC since then.

    Sent from my XT1575 using Tapatalk
    Laura

  7. #7
    Member interbellum's Avatar
    Join Date
    Sep 2014
    Location
    Xymphonia-city
    Posts
    4,602
    Well, according to Duncan there's nothing to worry about, as it's the URL from one of the elements from the PE-site.

  8. #8
    Its a known exploit of vBulletin and it causes anyone accessing this site via Google (and possibly other search engines) to get redirected to a malicious download site.

    Opera gets its information about malicious sites from a Yandex blacklist. http://www.yandex.com/infected?url=w...ssiveears.org/

    I would say it is something to worry about.

    If you want protect your own computer from being redirected and you know how to, add a local host entry of:

    127.0.0.1 myfilestore.com

  9. #9
    Member lak611's Avatar
    Join Date
    Jun 2016
    Location
    Cleveland, OH
    Posts
    616
    I checked on desktop Windows using chrome earlier and ESET didn't give the malicious site pop-up.

    Sent from my XT1575 using Tapatalk
    Laura

  10. #10
    Member Zeuhlmate's Avatar
    Join Date
    Nov 2012
    Location
    Copenhagen, Denmark
    Posts
    7,261
    Doesn't it just say that some of us users have put up links that could containe malware?


    Quote Originally Posted by stevea View Post
    Its a known exploit of vBulletin and it causes anyone accessing this site via Google (and possibly other search engines) to get redirected to a malicious download site.

    Opera gets its information about malicious sites from a Yandex blacklist. http://www.yandex.com/infected?url=w...ssiveears.org/

    I would say it is something to worry about.

    If you want protect your own computer from being redirected and you know how to, add a local host entry of:

    127.0.0.1 myfilestore.com

  11. #11
    It redirects you to http://myfilestore.c0m/ download.php?id=5e0777d3 (which I have munged to stop it working).

    What that php file does is controlled by someone else - they could put anything they like in there (malware, ransomware, keyloggers etc.)

    Read all about it here:

    https://www.vbulletin.com/forum/foru...direct-malware

  12. #12
    I kept getting the 'site has been hacked' warning on Firefox. Eventually got back in by searching for a thread on John Wetton in PE on google.

  13. #13
    Member Zeuhlmate's Avatar
    Join Date
    Nov 2012
    Location
    Copenhagen, Denmark
    Posts
    7,261
    What says the PE administrators?

  14. #14
    Member interbellum's Avatar
    Join Date
    Sep 2014
    Location
    Xymphonia-city
    Posts
    4,602
    Quote Originally Posted by lak611 View Post
    My antivirus software is doing this.
    Screenshot (626).jpg
    It's back again. Maybe a "weekend"-issue

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •