Refreshing party redirect to an adult site?!? |
Jul 16 2014, 04:28 AM
Post
#41
|
|
Gym Leader Group: +Donors Posts: 587 Joined: 18-July 09 Member No.: 47 812 Totally...useless |
While I was using my phone to read this thread I clicked the Bugs and Errors link at the bottom of the page to move back out of the thread, instead of going there, I was redirected to this adultfinder page. I think this is weird if the redirects are related to ads, because there are no ads on the forums.
-------------------- All my stuff is viewable by everyone on my public page. Make trinket offers faster The Discord chat is a nice way to hang out with other users. |
|
Jul 16 2014, 04:48 AM
Post
#42
|
|
Pokémon Trainer Group: Members Posts: 0 Joined: 25-December 12 From: New York Member No.: 186 493 Active Squad |
I posted the problem on a Web Dev subreddit and received a reply with information that could be relevant. Here is a link to the reddit thread:
http://www.reddit.com/r/HTML/comments/2aud..._randomly_what/ User Just_Another_Thought replied and said the server could be compromised. He also linked to an article about Linux/Cdorked malware that sounds very close to the problem we're experiencing. You can read more about it here: http://www.welivesecurity.com/2013/05/07/l...-also-affected/ Hopefully this helps. |
|
Jul 16 2014, 06:35 AM
Post
#43
|
|
You idjits Group: +Donors Posts: 29 Joined: 8-January 10 From: The Netherlands Member No.: 78 964 Eggs takin' over |
I posted the problem on a Web Dev subreddit and received a reply with information that could be relevant. Here is a link to the reddit thread: http://www.reddit.com/r/HTML/comments/2aud..._randomly_what/ User Just_Another_Thought replied and said the server could be compromised. He also linked to an article about Linux/Cdorked malware that sounds very close to the problem we're experiencing. You can read more about it here: http://www.welivesecurity.com/2013/05/07/l...-also-affected/ Hopefully this helps. It did not know this was such a big thing. I tought somebody just broke into the servers. But these attacks started in december 2012. I hope these attacks could be stopped. I've been redirected 4 times so far... My little brother had the same problem with this site calles wattpad. The attacks somehow stopped on wattpad. EDIT: I'm also experiencing many 504 server time-out error, does that have to do anything with this? This post has been edited by Ruurd: Jul 16 2014, 06:37 AM -------------------- |
|
Jul 16 2014, 07:51 AM
Post
#44
|
|
Pokémon Trainer Group: +Donors Posts: 54 Joined: 4-July 12 Member No.: 166 878 Active Squad |
Not sure if we are supposed to keep reporting these things, but after the first occurrance, I was (almost, managed to click the back button in time :P) redirected again when on my phone, trying to get from the mobile site to the main site, and just now, when clicking the explore page. Via another redirecting site, I was sent to marthajanice.us (which is appropriately named 'Warning! Explicit material'), and from there, I was automatically redirected to justhookup.com (where I even got a pop-up to confirm that yes, I did really want to leave that site)
-------------------- |
|
Jul 16 2014, 08:36 AM
Post
#45
|
|
None Group: +Donors Posts: 353 Joined: 24-June 10 From: Massachusetts Member No.: 102 120 Top Favorites |
I just wanted to post saying that a few minutes ago I was clicking on the exploration tab on GPXplus to check something and I was redirected to a adultcontent site, this is the second time in the past day or so I have been redirected to a outside site. (the first time it was clicking a gpxplus link and I was redirected to facebook game)
I have ran scans and everything seems to be normal, I use Chrome, and my extensions are only a few one being webroot security and the other the gpxplus extension. If it happens again I'll try to get a screenshot to send to the admins, I didn't this most recent time because when a redirect happens like it did I want to leave the site as soon as possible. -------------------- GPXplus Groups Joined (click to show ) Contest Ribbons and Credits (click to show ) |
|
Jul 16 2014, 09:24 AM
Post
#46
|
|
Zerkadelic Group: Root Administrators Posts: 3 688 Joined: 11-June 07 From: Texas Member No.: 2 My Favorites |
Hi all,
We're definitely aware now that there is an issue, one which I am able to reproduce on my own. Thanks for everyone trying to help, but at this point, we don't really need to keep posting the links or screenshots. The redditor that bloodbeard quoted is correct that our server is likely a victim of Cdorked, and we are working on steps to resolve the issue as soon as possible. This is one clever backdoor. I will let you know of any updates when they're available. -------------------- Want a rotating avatar like mine? Check out my website: randimg!
Thanks to all of the people in this thread and this thread for the various avatars! |
|
Jul 16 2014, 09:24 AM
Post
#47
|
|
Radioactive Zombie Pilot Group: +Donors Posts: 61 Joined: 9-June 10 From: Bermuda Triangle Member No.: 99 843 Time Squad |
It happened to my BFF Vithrawiel and to myself as well, redirecting to the traffspot website, then to adult ones.
First time yesterday, and then some minutes ago. I managed to keep the url of two of them, one being the adultfrienfinder some people claim to have stumbled upon, and another one with a more complex url, seemingly originating from Cyprus (atasehirescortbayani), dripping in malware. Be very careful. I can provide the complete urls to the admins. [EDIT] I don't know if it is related, but I can't get on gpxplus at the minute I'm posting this message. I only get a "Fatal error: Class 'Memcached' not found in /home/gtsplus/public_html/gpxplus/includes/memcached.php on line 12". This post has been edited by StukAktuZ: Jul 16 2014, 09:34 AM -------------------- [spoiler=What I've Contributed to GPX+
]6th Generation Sprites & Shinies -Amaura -Clauncher -Clawitzer -Espurr -Fletchling -Inkay -Malamar -Mega Blastoise -Mega Garchomp -Mega Pinsir -Meowstic (Male & Female) -Scatterbug -Spewpa -Spritzee -Talonflame -Tyrunt -Vivillon (All patterns except Fancy Vivillon) Novelty Pokémon & Shinies -Magma Totodile / Magma Croconaw / Magma Feraligatr -Ekralyp / Ekranko / Ekranord Eggs -All tiny 6th Gen Party Egg Icons -Amaura's Egg -Espurr's Egg -Fletchling's Egg -Inkay's Egg -Scatterbug's Egg -Spritzee's Egg -Tyrunt's Egg -Xerneas' Egg's hatching steps -Magma Totodile's Egg & Egg Icon -Ekralyp's Egg & Egg Icon Items -Saltwater Bucket[/spoiler] [align=center]...:::..::.::.::..:::... .:Say Hello to my BFF!:. ...:::..::.::.::..:::...[/align] [align=center]French-speaking staff member! PM me if you need help! Membre du staff francophone! Envoyez-moi un MP si vous avez besoin d'aide! [/align] [spoiler=GPX+ Groups][align=center][topic=33048][/topic] [topic=63819][/topic] [topic=69158][/topic] [topic=71378][/topic][/spoiler][/align] |
|
Jul 16 2014, 09:49 AM
Post
#48
|
|
Smeargle Addict Group: +Donors Posts: 376 Joined: 24-January 12 From: Smeargle Member No.: 158 009 Smeargle Addict |
OH, thank you so much. My parents are giving me crap thinking I actually GO to this website. ;-; Some people shouldn't be seeing that yet. Thank you for making this thread... ;-;
-------------------- |
|
Jul 16 2014, 10:09 AM
Post
#49
|
|
Pokémon Trainer Group: Members Posts: 66 Joined: 20-April 09 Member No.: 13 782 Random PKMN's |
I dont know if it helps, but im having these same Problems on Safari too.
I was worried my computer caught a Virus. Any one know if these Adult sites are Giving Computer Viruses? -------------------- |
|
Jul 16 2014, 10:25 AM
Post
#50
|
|
Zerkadelic Group: Root Administrators Posts: 3 688 Joined: 11-June 07 From: Texas Member No.: 2 My Favorites |
Vulpix D, that is unclear, however Safari and Chrome are generally safe browsers, and if you're on a Mac, you have even less to worry about.
@ Everyone: We've taken some steps now, please let us know if you are redirected again after this post. Thanks. -------------------- Want a rotating avatar like mine? Check out my website: randimg!
Thanks to all of the people in this thread and this thread for the various avatars! |
|
Jul 16 2014, 11:07 AM
Post
#51
|
|
Pokémon Trainer Group: +Donors Posts: 23 Joined: 26-April 09 Member No.: 16 388 Active Squad |
I'm still getting redirected to adult friend finder it just happened about five minutes ago.
-------------------- |
|
Jul 16 2014, 11:23 AM
Post
#52
|
|
Zerkadelic Group: Root Administrators Posts: 3 688 Joined: 11-June 07 From: Texas Member No.: 2 My Favorites |
I've also been able to reproduce it again now too, back to the drawing board!
-------------------- Want a rotating avatar like mine? Check out my website: randimg!
Thanks to all of the people in this thread and this thread for the various avatars! |
|
Jul 16 2014, 11:27 AM
Post
#53
|
|
'Chu Lover Group: +Donors Posts: 42 Joined: 15-February 09 From: Minnesota Member No.: 3 773 My favorites |
I've been getting a redirect to http://yi9qa3nlq1gj0i6vt9bs69i514753df9516...o.uk/index2.php
Not sure what it is, since it never actually loads, but randomly when I try to refresh my party it redirects to this site. I use Firefox. -------------------- Chuu avatar drawn by shoesuke on DA Personal Photo of Burichu drawn by shujinkou on the ImpressiveHearts Forum You Like Pancakes? (click to show ) Burichu sprite made by Team Sunset c: |
|
Jul 16 2014, 12:14 PM
Post
#54
|
|
Zerkadelic Group: Root Administrators Posts: 3 688 Joined: 11-June 07 From: Texas Member No.: 2 My Favorites |
We've come up with a clever bandaid solution that should prevent these redirects from happening. While this doesn't remove the infection from our server, it should protect our users from being taken away from the website.
Again, please let us know if you happen to get redirected again after this post. Note that when the redirect would have happened, certain site features may not work for you, as one or more JavaScript files wouldn't have loaded properly. If you experience any weirdness, just refresh the page, and it should be OK. -------------------- Want a rotating avatar like mine? Check out my website: randimg!
Thanks to all of the people in this thread and this thread for the various avatars! |
|
Jul 16 2014, 12:27 PM
Post
#55
|
|
Axew and Volcarona enthusiast Group: +Donors Posts: 4 056 Joined: 3-September 09 From: England Member No.: 61 211 Invisible Kyurem |
We've come up with a clever bandaid solution that should prevent these redirects from happening. While this doesn't remove the infection from our server, it should protect our users from being taken away from the website. Again, please let us know if you happen to get redirected again after this post. Note that when the redirect would have happened, certain site features may not work for you, as one or more JavaScript files wouldn't have loaded properly. If you experience any weirdness, just refresh the page, and it should be OK. I've tried refreshing quite a few times, even closed and re-opened chrome and I still can't send anything to the VS Seeker. Normally wouldn't be an issue but the next step of my exploration requires its usage. I assume it'll take a little longer than ~10 minutes for it to be back to normal? e: I've tried force refreshing too This post has been edited by Samoo: Jul 16 2014, 12:29 PM -------------------- Don't forget to love yourself. Add me for daily clicks: 873/1000 [align=center]--- Community Thread Shiny List! ---[/align] [align=right]Breeding Incentives: Mission Cards [/align] |
|
Jul 16 2014, 12:31 PM
Post
#56
|
|
Zerkadelic Group: Root Administrators Posts: 3 688 Joined: 11-June 07 From: Texas Member No.: 2 My Favorites |
Samoo, try now. Had to tweak my bandaid a bit.
-------------------- Want a rotating avatar like mine? Check out my website: randimg!
Thanks to all of the people in this thread and this thread for the various avatars! |
|
Jul 16 2014, 12:33 PM
Post
#57
|
|
Axew and Volcarona enthusiast Group: +Donors Posts: 4 056 Joined: 3-September 09 From: England Member No.: 61 211 Invisible Kyurem |
Samoo, try now. Had to tweak my bandaid a bit. Yup, all sorted now. Thank you :) -------------------- Don't forget to love yourself. Add me for daily clicks: 873/1000 [align=center]--- Community Thread Shiny List! ---[/align] [align=right]Breeding Incentives: Mission Cards [/align] |
|
Jul 16 2014, 01:00 PM
Post
#58
|
|
Assassin by Association Group: Members Posts: 77 Joined: 27-May 10 From: Like I'm telling you my secret location! Member No.: 97 925 My Guards |
My concern is is that the site is no longer safe to visit. While I know nothing about coding, a 'bandaid' will only go so far in helping to heal a wound. Honestly, I'd rather know if the infection was completely removed, rather than just 'patched' over.
-------------------- Got no place to run, got no place to hide...
Many thanks to the awesome Doctor Octopus for this overworld march! Click for parties! (click to show ) My Groups (click to show ) |
|
Jul 16 2014, 01:10 PM
Post
#59
|
|
Zerkadelic Group: Root Administrators Posts: 3 688 Joined: 11-June 07 From: Texas Member No.: 2 My Favorites |
My concern is is that the site is no longer safe to visit. While I know nothing about coding, a 'bandaid' will only go so far in helping to heal a wound. Honestly, I'd rather know if the infection was completely removed, rather than just 'patched' over. We're still drafting out a plan to fully remove the infection, likely a system rebuild. However, the only thing this infection does is inject a javascript file that redirects the user through an ad website. The patch we came up with will prevent this redirect from happening, because it prevents the external javascript file from even being loaded. So while our system itself is still infected, our end-users are safe. We will let everyone know when we begin work on rebuilding and/or migrating the system, to fully rid ourselves of this backdoor. -------------------- Want a rotating avatar like mine? Check out my website: randimg!
Thanks to all of the people in this thread and this thread for the various avatars! |
|
Jul 16 2014, 01:29 PM
Post
#60
|
|
Gym Leader Group: +Donors Posts: 590 Joined: 16-July 10 From: Chicago Member No.: 105 850 Beautiful Change |
I've been getting redirected to justhookup and some other sites for the past few days on mobile. Haven't had a problem with the regular site on my laptop.
-------------------- |
|
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:
Lo-Fi Version | Time is now: 19th April 2024 - 11:43 PM |