PDA

View Full Version : Malware Warning



rayan
03-24-2010, 12:54 PM
I was notified that UU has been triggering a malware warning for some people using google browsing tools. I'm looking into it and it appears that openx (our ad server) has a vulnerability in it that was exploited on a lot of sites yesterday. I'm looking into it now. Thanks to the people who notified me.

Melissa82
03-24-2010, 01:21 PM
Here's a screenshot. I get that when I go to page 4 of the UCS drama thread. :P
http://img89.imageshack.us/img89/9106/screenshotmalware.jpg

rayan
03-24-2010, 03:29 PM
Super Mod team is on the case!

Melissa82
03-24-2010, 03:30 PM
I found out what the problem is. Someone has a ticker in their sig hosted by magicalkingdoms.com and it's causing the problem. Here is a thread on another forum explaining it all.
http://www.disboards.com/showthread.php?t=2427299

brickerenator
03-24-2010, 03:31 PM
Lynching party!

rayan
03-24-2010, 03:37 PM
ok problem appears to be fixed. thanks mod squad. great job as always.

Melissa82
03-24-2010, 03:38 PM
*flex*
..................

itsme
03-24-2010, 04:41 PM
I found out what the problem is. Someone has a ticker in their sig hosted by magicalkingdoms.com and it's causing the problem. Here is a thread on another forum explaining it all.
http://www.disboards.com/showthread.php?t=2427299
Well, Melissa, I think it's ironic that you, of all people, should find this, given that you've got a ticker in your sig. :p

I'm sure whoever it was with the offending ticker was completely unaware of any issues. Just another good reason to not allow users to post code (or even graphics) in sigs.

rayan, are you familiar with "cookie stuffing"? It's where someone includes a "graphic" in a post, even if that graphic is an unnoticeable 1x1 pixel clear gif. The image hosting site runs a script so if you load a graphic from there, you are served a cookie.

UU is now serving ads. Fact of life. I totally accept it as the price to use these forums for free so I'm not complaining at all.

Don't know your revenue model or how google ads necessarily work. But often the case is if someone clicks thru an ad on your site, a cookie is served, and the referring site will get a commission if the clicker makes a purchase within a certain time span.

Enter the cookie stuffer, who serves a cookie to prospects who merely view a forum page. So their cookie takes precedence even if a member clicks thru the ad on your web page. You lose out on any potential commissions.

Melissa82
03-24-2010, 04:45 PM
Ummm... really that post was not needed. Problem is solved I didn't say anything bad against anyone. Thanks for the lecture.

SuperSecretBETA
03-24-2010, 05:02 PM
Yes, let's ban everyone's graphic signatures. Great suggestion. That won't make anyone mad, and will increase revenue. It's all about the money.

Melissa82
03-24-2010, 05:22 PM
Anyhoo, matter has been taken care of. If anyone has concerns about sigs or experiences this again, please let us know. Unfortunately, it can sometimes be hard to keep tabs on everything but I know the admins at UU are doing their best and with your feedback we can make it work. :)

rayan
03-24-2010, 11:22 PM
Well, Melissa, I think it's ironic that you, of all people, should find this, given that you've got a ticker in your sig. :p

I'm sure whoever it was with the offending ticker was completely unaware of any issues. Just another good reason to not allow users to post code (or even graphics) in sigs.

rayan, are you familiar with "cookie stuffing"? It's where someone includes a "graphic" in a post, even if that graphic is an unnoticeable 1x1 pixel clear gif. The image hosting site runs a script so if you load a graphic from there, you are served a cookie.

UU is now serving ads. Fact of life. I totally accept it as the price to use these forums for free so I'm not complaining at all.

Don't know your revenue model or how google ads necessarily work. But often the case is if someone clicks thru an ad on your site, a cookie is served, and the referring site will get a commission if the clicker makes a purchase within a certain time span.

Enter the cookie stuffer, who serves a cookie to prospects who merely view a forum page. So their cookie takes precedence even if a member clicks thru the ad on your web page. You lose out on any potential commissions.

We discovered it wasn't related to our ad server at all and the warning was caused by one specific signature embed which linked to a site which was flagged by google as malicious (unknown by the sig owner). It's really wasn't a big deal once we figured out what it was. It's not a problem with sigs or ads.