spiritchrysalis: (pebkac! (help desk / IT))
[personal profile] spiritchrysalis
As I may have mentioned elsewhere, I have regularly been receiving alerts about possible links to malware on my friends page. Malware from [sweepstakes*and*contests*info(dot)com, asterisks added to not replicate the original address], to be specific. This time it appeared right at the top, and with a little finagling, I was able to see who has posted since I last checked and didn't receive the malware alert on that page. Those users/journals are:

[livejournal.com profile] davis_square (posts by by [livejournal.com profile] miss_chance and [livejournal.com profile] closetalker11)
[livejournal.com profile] mindways (whose posts I've seen recently and don't seem to be triggering the alert, so likely not him)
[livejournal.com profile] _dragonwolf_
[livejournal.com profile] akiko
[livejournal.com profile] audioboy
[livejournal.com profile] drwex

At present, my suspicion is that it's the Davis Square LJ or, more likely, one of the two posters on it. I'm pretty sure I've seen posts from DragonWolf and AudioBoy without issue, and less sure about Dr. Wex and Akiko.

Just FYI.

Date: 2012-01-10 07:41 pm (UTC)
From: [identity profile] rivenwanderer.livejournal.com
If you use Firefox or Chrome, do you use the AdBlock Plus extension? (Despite the name, it's free.) I would personally be suspicious about LJ ads rather than individual users...

Date: 2012-01-10 07:44 pm (UTC)
From: [identity profile] rigel.livejournal.com
I use it on my main browser (Chrome), yes. In fact, that's when I started getting the alerts!

I don't believe I see ads on my friends page. I have a permanent account, though.

Date: 2012-01-10 08:19 pm (UTC)
feuervogel: photo of the statue of Victory and her chariot on the Brandenburg Gate (Default)
From: [personal profile] feuervogel
Someone said they think it's my mood theme, which makes not a lick of sense to me, because I use the exact same theme on my dreamwidth, and nothing's coming up there as a warning.

But I plan to reupload my entire domain at some point. It's on my other computer, however; the one I don't use because it's from the first half of 2005.

Date: 2012-01-11 12:56 pm (UTC)
From: [identity profile] daproofpimp.livejournal.com
I clicked on your name to see if I could replicate the problem, and indeed I did. I got the following error message. In particular, note the "sweepstakesandcontestsinfo.com" listed as the host of the malware.

Safe Browsing
Diagnostic page for akiko.livejournal.com

What is the current listing status for akiko.livejournal.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 1 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2011-12-30, and the last time suspicious content was found on this site was on 2011-12-30.

Malicious software is hosted on 1 domain(s), including sweepstakesandcontestsinfo.com/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including nalimara.net/.

This site was hosted on 1 network(s) including AS32787 (PROLEXIC).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, akiko.livejournal.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.

Date: 2012-01-11 01:36 pm (UTC)
feuervogel: photo of the statue of Victory and her chariot on the Brandenburg Gate (Default)
From: [personal profile] feuervogel
And that's the same thing google safesearch has been telling me, except that it also says a half dozen other journals (to which I have no relation) have given the same warning.

That is to say, thanks for treating me like a child and talking down to me.
Edited Date: 2012-01-11 01:37 pm (UTC)

Re:

Date: 2012-01-11 04:58 pm (UTC)
From: [identity profile] rigel.livejournal.com
Whoa. Hold on there.

I realize it must not have read to you this way, but I'm pretty sure [livejournal.com profile] daproofpimp was trying to help rather than treat you like a child. Not everyone would know to look at the diagnostic page for your journal; I certainly wouldn't. And I'm not a child. Mentioning a possible cause for a problem and a resource for learning more is not a value judgment about the potential source of said problem.

. . . and AFAIK, jut because half a dozen other journals unrelated to you have the same warning doesn't mean it isn't something. It could be a weird way a style is being interpreted. It could also mean that different people have stumbled on the same thing on the Internet which has caused it.

Date: 2012-01-11 05:07 pm (UTC)
feuervogel: photo of the statue of Victory and her chariot on the Brandenburg Gate (Default)
From: [personal profile] feuervogel
The google safesearch page pops up in firefox and says "find out more by clicking this finely crafted link!" (or something to that effect.) He copy-pasted the results of clicking the link.

Either way, I just spent the last HOUR transferring files from the computer I don't use anymore (where all my website things are kept, of course) and reuploading the mood theme. If that's where the problem is, it ought to bloody go away.

Date: 2012-01-18 10:20 am (UTC)
From: [identity profile] daproofpimp.livejournal.com
I'm sorry I offended you, Akiko.

Thank you, Rigel, for defending me and correctly identifying my intention.
Edited Date: 2012-01-18 02:45 pm (UTC)

Date: 2012-01-10 08:23 pm (UTC)
From: [identity profile] oonh.livejournal.com
I have been seeing this too.

Date: 2012-01-11 04:18 am (UTC)
ext_9394: (Default)
From: [identity profile] antimony.livejournal.com
Nothing alerts me on [livejournal.com profile] davis_square but [livejournal.com profile] akiko's journal does throw one.

Profile

spiritchrysalis: (Default)
Rigel

February 2014

S M T W T F S
      1
2345678
9101112131415
16 171819202122
232425262728 

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Jul. 26th, 2017 08:37 pm
Powered by Dreamwidth Studios