Jump to content
Chris07

XSS Issue?

Recommended Posts

Just recently, within about 30 minutes of this post, I've been getting redirected to a Malware site which states my browser is out of date and wants me to download some crap that's obviously malware. I get redirected as soon as the page finishes loading.

 

It happens about 10% of the time right now while browsing this forum. I've gone to a few others sites and forums, however I've had no issue with that. This is the only site with an issue. I am using Chrome and even had the issue occur on a fresh install of Firefox (which rules out a rogue chrome extension). I haven't downloaded/installed anything new on my PC for at least a few days....and I was browsing this site earlier without any problems. 

 

Chrome on my laptop, which runs on OSX also produces this issue...so I can rule out a virus/adware on my PC.

 

It looks like a possible XSS attack...perhaps it's a rouge advertisement?

Link to comment
Share on other sites

It may also be an issue with Viglink (The script that turns text into clickable links to sponsors on posts). It's seems to happen WAAAAY More frequently (if not exclusively) on the view topic pages for me.

Link to comment
Share on other sites

It may also be an issue with Viglink (The script that turns text into clickable links to sponsors on posts). It's seems to happen WAAAAY More frequently (if not exclusively) on the view topic pages for me.

I'm afraid that is a virus/malware. If it looks anything like this atleast. I've had it and it was a pain to get rid of.

 

As for the main topic I recommend Adblock as I believe (!) it stoppes redirecting links. I've not experienced it atleast.

Link to comment
Share on other sites

I feel bad using ad blockers on small independent sites like this. I'm sure this site costs a fair amount of money to keep alive and having ads helps keep this site up and running.

Unfortunately due to this issue I may be forced to use it.

...now if EMP had a way to donate money in exchange for being ad free I'd consider donating ;)

Link to comment
Share on other sites

The problem from my understanding is that people with ill intent managed to get into advertising system and instead of linking to normal legit advertisers instead goes to the not so legit alternatives that were added in their place, the issue happened for me for a short timeframe (about a day or two) before it was resolved by google.  In the end the issue that I was experiencing is similar to yours, but in both instances I believe it is related to the advertising system Google uses, they temporarily seem able to repair the damages done by the malicious actions but since it has happened for you so recently, it appears they have as-yet closed the loophole that they are exploiting to do it.  It is ultimately up to Google to make the required alterations to their system to prevent the malicious changes, we and other sites (we're not the only one to have had issues with this type of thing) can't do anything about it as it isnt our systems at fault, but the advertising system Google uses that requires alterations.  Hopefully they get it in check soon and eliminate the problems, otherwise many sites will have to change how they function because their system is unreliable if it continues to be tampered with.

Link to comment
Share on other sites

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...