Beware of Sudden Virus Warnings!!
by Chris Fontecchio on Mar 9, 2011 12:56 PM EST
Email
PrintHi all -- some readers, including myself, have experienced a situation where we were opening the Podium Cafe front page and were redirected to a page that looked like a Windows computer's virus scan. The "scan" informs us that we have viruses, they're critically important, and we have to click on some button to run a program and remove them.
Needless to say... DON'T CLICK ON THE BUTTON!!!
The virus warning is actually a virus. If you see this page, you don't actually have a virus, but if you do the thing it tells you to do, you will get one.
If you are suddenly redirected to a page that comes up in your internet browser that looks like a windows virus scan app, close your browser. It's a scam housed in a website, so closing out the browser will enable you to elude their grasp. [IT folks, check me on this, but it seems quite clear.]
The SBN tech team is aware of the problem; it was lodged in one of our ad scripts and has been removed, but if you see the problem recurring, let me know. And again, close your browser immediately and you will be fine. Reopen it and come back to the Cafe... in all probability you won't see the scam warning again when you do. Thanks!
32 comments
|
0 recs |
Do you like this story?
Comments
This is from November and could easily be out of date
on the Vshare download thing at bvls. Not something I know enough about to comment much on, but may be something to consider
Yah..... Lesson learnt
Never click on something you have not opend yourself, not even if it looks like a warning from Windows Security.
Allways close windows you have not opend yourself.
Have just got my laptop back from cleaning, it costs me 400 dkr. Sadface…..
Oh, thanks Chris.
I actually got that a couple times on my home PC. I immediately thought “Pfft…I don’t think so” and ran my anti-virus programs and, sure enough, I was clean. I didn’t think to report it to anyone though…sorry.
BTW, we recently switched to Mac at home, and I must say, PdC takes a little while to load these days – home PC, work PC, home Mac, iTouch – wonder what’s going on with that?
A bike should have a voice... it should speak to you, and you should hear it, and what it should say is: "Attack!" - sminer
Um...I mainly notice it when
I come back to the main page from somewhere else (not PdC).
On an unrelated topic – recently, if I want to “reply” to a post, I have to hit “actions” first. I can’t go directly with “reply”…this is just to individual posts.
A bike should have a voice... it should speak to you, and you should hear it, and what it should say is: "Attack!" - sminer
Have you tried it in alt browsers?
The PdC page is pretty heavy, lots of code bloat and extrenal calls, but shouln’t be too much of a prob with a decent connection.
pounding along in three ratios like a sonata
like a Ritter with pommelled scrotum atra cura on the step
Botticelli from the fork down pestling the transmission
tires bleeding voiding zeep the highway
by fmk on Mar 9, 2011 5:38 AM EST up reply actions
Just wait until next weekend!
This site’ll get super bogged down with all the chatter that will happen during MSR.
What would Deming do? (+8:00 GMT)
Fake AV
Sounds like Fake AV which has been out since 2009. It’s a drive by/social engineered Trojan that has evolved into a monster. Drive by meaning that malicious scripting has been inserted into a web page and all you need do is visit the page for a script to run. Another variant uses malformed links in the page to launch malicious content. And yet another now actually has a live chat window that you chat back and forth with the criminal. AV companies won’t use pop-up windows to inform the visitor that they have a virus. Just do a Google search on ‘Fake AV’ and look at the symantec.com or sans.org returns to read up on it. There’s plenty o’ goodness out there to catch up on.
And I thought it might be the Revenge of Billdozer.
"It's a lovely thing, feeling that momentum. If you're lucky, it's also about grace." Tim Winton
avast antivirus. nuff said.
i never see these things with avast.
"Wizard's first rule. People are stupid. They will believe anything they want to be true or fear to be true." -- Terry Goodkind
"NoScript" is your friend
I highly recommend Firefox and the NoScript add-on which will block this sort of thing. Unfortunately, it will also block all the good stuff, like your ability to log on and to comment, or to watch embedded video, until you tell it not to specifically, so it takes a little effort to manage it, tune it, etc., but it’s worth it IMHO An added benefit for us geeks is that it clearly demonstrates how most websites are actually a patchwork quilt content and services from a bunch of other websites.
Jens! Voigt puts the 'laughter' in 'manslaughter'
If you're totally paranoid
then there’s a little application called sandboxie which tracks all changes made to your system by any piece of software and resets the lot when you quit.
But the problem with doing stuff like that is that often you just don’t realise that you’re missing half a web page. Nowadays I come here using a copy of Opera 9 with a slightly old version of Flash which I don’t use for much other browsing (this PC is a bit old and all the clever live race chat stuff slowed version 10 to an almost unusable state) and I still got a funny URL in the bar. After the podium cafe bit it had a ?q=http://funnyurl (can’t remember what), but the page looked normal. I did a couple of scans, then whe I came back Chris had posted this.
Sandboxie is cool
but my old computer got totally hosed shortly after I installed it, and it drove my non-technical wife crazy. Not sure Sandboxie was actually the cause of either thing, but I would rather blame it than myself.
Jens! Voigt puts the 'laughter' in 'manslaughter'
Sandboxie is great sometimes
but it’s a real bugger when you think that you’ve bookmarked something and ……
The virus guys can be even trickier than that
They can capture the X box that closes the window so that when you close the browser or the phony scan program you still get the virus.
If your computer ever starts doing anything completely unexpected like what was described above, you immediate strike all three keys CTRL-ALT-DEL and when the Windows Task Manager comes up hit the END TASK button for all the suspect applications. ( If your not sure which applications are suspect, end them all )
The Tour de France, So Crashy ! - gav
Force Quit
If cobble delusions are wrong, who wants to be right? -JFS PGH
by Chris Fontecchio on Mar 9, 2011 1:12 PM EST up reply actions
I posted a link
to podium cafe 2 days ago to a friend and she said she got a virus…
I like bikes!!!
Bec*
Ugh
That’s the last thing I want to hear… or more specifically, the last thing I want to have happen. DAMMIT!
The Tech Team is working on it, and they’re usually quite good at such things. fingers crossed.
If cobble delusions are wrong, who wants to be right? -JFS PGH
by Chris Fontecchio on Mar 9, 2011 1:12 PM EST up reply actions
Or Firefox even.
pounding along in three ratios like a sonata
like a Ritter with pommelled scrotum atra cura on the step
Botticelli from the fork down pestling the transmission
tires bleeding voiding zeep the highway
by fmk on Mar 9, 2011 2:37 PM EST up reply actions
When people say snark about paying so much money for a Mac, let's just remember this conversation.
I know Mac’s can be exposed to some things too, but it’s all a numbers game to hackers. Which leads me to a point…It is sort of a complement to have a virus here. You’re popular enough to be infected! Congrats!
See, lemon made into lemonade. cough, cough
um
thanks!
If cobble delusions are wrong, who wants to be right? -JFS PGH
by Chris Fontecchio on Mar 9, 2011 2:09 PM EST up reply actions
adding
this is a twist on too big to fail. Too big to not be sabotaged?
If cobble delusions are wrong, who wants to be right? -JFS PGH
by Chris Fontecchio on Mar 9, 2011 2:10 PM EST up reply actions
The "virus" is not being served up by SB Nation, per say
It’s being served up via ads from an ad hosting company that are displayed as part of the site, or so I gather based on what Chris say above. The bad ad is trying to get you to install the malware, but it is not the malware itself. It’s a distinction without a difference if you get infected, but still, the only way to protect yourself is to limit what content your browser displays using AdBlock or NoScript, or something similar. Not to piss on the rug that is our advertising revenue, but that is the only way to stop these things.
Jens! Voigt puts the 'laughter' in 'manslaughter'
a good antivirus program works wonders.
"Wizard's first rule. People are stupid. They will believe anything they want to be true or fear to be true." -- Terry Goodkind
or a mac
I’ve had nothing of this sort as of so far
Sminer: I blame KARMA for everything.
Jens: I've heard it's a bitch
Water Girl: I heard it ran over your dogma
Comments For This Post Are Closed
Secondary Sidebar
User Tools
FanPosts
Community blog posts and discussion.
Recommended FanPosts
Recent FanPosts
Celebrate the Giro d'Italia at Podium Cafe!
Check our Giro Section for race updates, on-the-scene reports, and other hijinx.
Featured Stories
FanShots
Quick hits of video, photos, quotes, chats, links and lists that you find around the web.
Recent FanShots
