Could you please fix this pop-up attempts?

[Jaws2002]

For the last few weeks, my malwarebytes catches this attempt to redirect my search every time I join the forum.

 

 

I know it's something on my computer that tries to connect, but it's only happening on this site, and only for the last few weeks. It must be something in the forum software that may need fixing.

   Could you please check into it?

 

Thank you.

Edited September 28, 2017 by Jaws2002

[Hucky]

I have the same message at every page call   

[Jade_Monkey]

Its the image used by some people in their signature to display the user made campaign badges. Malwarebytes detects the call to imgur which triggers additional calls to image.ibb.co.

 

I already notified a user who had it, but there might be more out there.

 

So, to be clear, it's not this forum, it's the images some people are linking in their signatures.

[Jaws2002]

Cool. Didn't know that. I get that only here, so I thought some malware stuck to the forum software.

 

Thank you very much for the explanation. I was digging my computer for trojans and malware for a few hours to figure out what may cause it.

 

[Jade_Monkey]

Im glad you posted it here though, it seems like (some) imgur pics are also making requests to that weird site. It could be a potential security concern.

 

I've been using Tinypic instead for a while and im pretty happy.

[1/JSpan_Wind75]

There is really an attempt to access the forum user's PC. Maybe Malware. I started to see it today when entering the forum. It comes from this web: http://www.stormofwar.org/

Edited September 29, 2017 by 1/JSpan_Guerrero

[ZachariasX]

If you think that AV software really protects you against a serious attempt in „taking over“ your PC, then you are mistaken. Keep in mind, that kind of software has actually to read „the evil software“ in order to assess its evilness. That is the point where it might well be too late. Besides, it is an invitation to generate false positives. If you are unsure about a signatue image, just upload it to virus total. You will get a better idea then. And you can do so. If it is nothing bad, then you‘re fine. If it is something bad, you‘re probably infected anyway because you cannot count on your AV singatures being updated more often than *you guys* visiting this forum.

 

You better don‘t execute that stuff at all, and on the web the only way to do so are plain content and script blockers. Thus your system never sees the questionable content. In the case of the OP, this is what Malwarebytes seems to do, but running such a service with system priviledges is not a smart way to handle „bad stuff“.

[Jaws2002]

Thanks for your input, but this thread is not about how much we suck at protecting ourselves from malware, but about malware that is present on this forum. I don't know if it's user images, or some vulnerability in the forum software, but something bad is present on this forum.

 

  Had this been about users ability to protect themselves against malware on the internet, I would have posted it in the Off Topic forum.

[ZachariasX]

Fair enough.

[Thad]

Its the image used by some people in their signature to display the user made campaign badges. Malwarebytes detects the call to imgur which triggers additional calls to image.ibb.co.

 

I already notified a user who had it, but there might be more out there.

 

So, to be clear, it's not this forum, it's the images some people are linking in their signatures.

Yes, Jade informed me about my suspect signature images. I deleted them all... obtained new one, uploaded them from my dropbox account. All is good now.

[ZachariasX]

For the last few weeks, my malwarebytes catches this attempt to redirect my search every time I join the forum.

If your blocker puts a flag on imgbb where peeps host images for everyone to see, then that is maybe ok, but it also says nothing about an attack. It just says that it flagged the whole site and wants you to nod it off. It is a common strategy of AV products to terrorize the user with messages like this instead of just being open about what it blocks (and that should be a lot).

 

Yes, Jade informed me about my suspect signature images. I deleted them all... obtained new one, uploaded them from my dropbox account. All is good now

Did you upload you "suspicious" ones to virustotal.com? Are these the same pictures? At least now they appear clean. But it would have been unuasual if someone edited your pics on imgur to arttack forum users. Ad servers are a much more prominent host for such.

 

There is really an attempt to access the forum user's PC.

This says that "smart security" has an issue with the credentials of the "storm of war" server. Chrome obviously hasn't, otherwise it would have given such a message. No you can make your own opinion on who is more diligent in certificates up to date. "smart security" or some webpage. It doesn't say you're under attack.

[Thad]

Negative.. If I remember correctly, I copied and pasted them from anothers signature on these forums.

[ZachariasX]

Negative.. If I remember correctly, I copied and pasted them from anothers signature on these forums.

As I did. I checked them now again on virustotal.com and no find at all. You did nothing wrong.

[Mesha44]

I simpler solution to third party issues like the images is to use a tool like privacy badger from the EFF.  With that tool turned off I see Thad's badges, if I turn it on they are blocked, and I get no errors.  I can white list dropbox so that the images appear again, since Privacy Badger shows that it is blocking that site.  When I do that Thad's badges are back.

 

I don't run any third party maleware software other than Privacy Badger and Microsoft's build in virus and firewall.  I just don't think any of them are worth the price, even if they are free.  If you are really concerned about security try NoScript.  But be advised it may break most sites. https://noscript.net/