Welcome, Guest. Please login or register.
Amiga Kit Amiga Store Iridium Banner AMIStore App Store A1200/A600 4xIDE Interface

AuthorTopic: UtilityBase an Attack Site?  (Read 1074 times)

0 Members and 1 Guest are viewing this topic.

Offline EDanaII

UtilityBase an Attack Site?
« on: April 05, 2009, 01:14:46 AM »
I just tried visiting UtilityBase, but got redirected to a web page claiming it was an attack site. Anyone know what's going on there? Has it been compromised? Are they making any efforts to clean it up?

Just wondering what anyone knows...

Ed.
Ed.
 

Offline trekiej

Re: UtilityBase an Attack Site?
« Reply #1 on: April 05, 2009, 01:35:11 AM »
It looks like some Amiga and Aros sites are seen as such.
Amiga 2000 Forever :)
Welcome to the Planar System.
 

Offline Hans_

Re: UtilityBase an Attack Site?
« Reply #2 on: April 05, 2009, 02:46:07 AM »
A few weeks ago (before it was marked as an attack site) visiting utilitybase did indeed trigger a virus/worm/trojan detection warning from avast. It was probably a dodgy ad provider. Since then it appears to have been fixed, but I still get the "attack site" warning.

I'm guessing that it might take a while before it's removed from the "attack site" list.

Hans
http://hdrlab.org.nz/ - Amiga OS 4 projects, programming articles and more. Home of the RadeonHD driver for Amiga OS 4.x project.
 

Offline prowler

Re: UtilityBase an Attack Site?
« Reply #3 on: April 05, 2009, 04:57:05 AM »
Unless the offending malware gets removed, when using Firefox it will be classified as a 'Reported Attack Site'. Basically, whoever runs the site/server will need to remove any malware/dodgy software and wait for the google system to scan it and see it is safe again for the worning to be removed.

Generally, this happens when a script kiddy compromises a site due to software versions in use on it are not being kept up to date.
 

Offline Jose

Re: UtilityBase an Attack Site?
« Reply #4 on: April 13, 2009, 10:09:33 PM »
Still down, I can't believe it...
\\"We made Amiga, they {bleep}ed it up\\"
 

Offline LoadWB

Re: UtilityBase an Attack Site?
« Reply #5 on: April 13, 2009, 10:27:55 PM »
According to Google's SafeBrowsing diagnostic there are two links of concern, one of which has apparently been cleared up.

I would assume that problem is either a third-party ad server, forum spam, or other compromise which allowed links to Bad Sites(tm) to appear.

There's a forum post which describes the issue called "LuckySploit Trojan HERE!?!?"  Olaf makes a good point, and I quote it below to encourage members of AO not to make the same potential mistake:

Quote
obarthel doth sayeth:

But then these IPv4 addresses now show up in the forum entries which quote the Google description of the issue. You might want to remove these from the text, just in case Google's scanner doesn't know how to tell a forum entry and a JavaScript hack apart and only keys off the IPv4 addresses.
 

Offline Jose

Re: UtilityBase an Attack Site?
« Reply #6 on: April 13, 2009, 11:58:16 PM »
I can't log in there with FireFox, after the warning message if I log in it displays another warning message and then shows the page to create a new account...
Don't wanna risk infecting this computer as it has some important stuff....
\\"We made Amiga, they {bleep}ed it up\\"