Results 1 to 4 of 4

Thread: Rogue Advert?

  1. #1
    Join Date
    Jan 2008
    Posts
    294

    Default Rogue Advert?

    Just tried to get on phoronix and was redirected to this crap -

    www.andyqos.ukfsn.org/antiv-2.png

    Edit heres one that showes the site name.

    www.andyqos.ukfsn.org/antiv.png

    I must admit I was booted into an old setup with an out of date seamonkey, but It's only phoronix that did it, so I don't think it was anything my end as such, but as I don't normally use that partition anymore I could be wrong.

    What do you think - if it wasn't me but one of Phoronixes ad "partners" that did it I think it's deceitful and unacceptable for a responsible site to be associated with such an ad - or maybe one of them has been hacked?
    Last edited by legume; 02-24-2009 at 07:22 AM.

  2. #2
    Join Date
    Jan 2008
    Posts
    294

    Default

    Quote Originally Posted by legume View Post
    Just tried to get on phoronix and was redirected to this crap -

    www.andyqos.ukfsn.org/antiv-2.png

    Edit heres one that showes the site name.

    www.andyqos.ukfsn.org/antiv.png
    And again - same ad different names - I've been using this browser over the weekend and not one other site has been affected - I go on phoronix today and it happens again, after I did forums -> login -> index.

    It offered me an exe this time, which I have. I also have a partial tcpdump and more screens if you are interested - which I would hope you are as it's now far more likely to be a Phoronix problem than an old browser one don't you think?

    Edit: the exe is MalwareDefender2009.exe.
    Last edited by legume; 03-09-2009 at 08:53 AM.

  3. #3
    Join Date
    May 2007
    Location
    Third Rock from the Sun
    Posts
    6,584

    Default

    Since this is only happening to you, I was just wondering if you have tried another DNS server (such as openDNS)? You may be a victim of DNS hijacking.

  4. #4
    Join Date
    Jan 2008
    Posts
    294

    Default

    Quote Originally Posted by deanjo View Post
    Since this is only happening to you, I was just wondering if you have tried another DNS server (such as openDNS)? You may be a victim of DNS hijacking.
    It's possible I suppose, but it's only ever happened twice and both times Phoronix + old browser.

    There are three other PCs on this LAN using the same DNS and I normally use a more up to date setup and this or anything similar has never occurred.

    I'll have to remember to start a tcpdump before I go on phoronix on the few occasions I am booted into this old setup.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •