Is ASN ill?? Virus???
- Thread starter Ads
- Start date
DaveA3
Audi A-Trizzle!
shows how unsafe IE is. You can add it to the exception list for now (in firefox and chrome) so it will work properly then. Question is, is it definately 100% safe now? Google confirms nothing has been found today but as i use this site at work im a bit skeptical
Yep, the dodgy stuff has gone.
I have to be honest i did manually check before accessing the site myself and the code has deffo gone
I have to be honest i did manually check before accessing the site myself and the code has deffo gone
I found I was being diverted else where when clicking the links in the homepage, something ain't quite right me thinks
- Joined
- May 23, 2004
- Messages
- 3,326
- Reaction score
- 201
- Points
- 63
- Location
- Preston
- Website
- www.audi-sport.net
The silver lining on these dark-cloud admin issues is the fun derived from running a back-office sweep to see if anyone guesses what's going on correctly 
Alas this time, nobody gets the cigar.
So, first of all - the vBulletin hack suggestion (including much outdated video) is wide of the mark. Just to satisfy curiosity, the security hole was actually in the code of the advertising system used on ASN (which confused us a bit because that's been fairly watertight until this hiccup). There was even a clue for you... The banner ads have disappeared.
Anyway, the advertising software has been plugged; but we're going through the new version with a fine-tooth comb before it goes back on.
So, where we're at right now...
1) ASN IS CLEAN AGAIN. The malicious iframe code is now gone; integrity has been checked in the back-end.
2) FTP and ADMIN access to the server/vBulletin were never compromised, but login credentials have been refreshed just in case.
3) If you're still having problems, you've got:
a) something cahced
b) a weird little issue seemingly caused by Firefox and the Google attack-site warning page.
...to expand on that last point...
a) If you're getting any weird warnings in ANY BROWSER, or problems with pages not being displayed correctly.
i) Navigate away from ASN.
ii) Clear your temporary internet files/recent browsing history - USE ANY 'ADVANCED' OPTIONS PANE YOU CAN TO ENSURE ALL YOUR BROWSER'S CACHE IS DELETED - INCLUDING COOKIES
iii) Close and re-start your browser before revisiting ASN.
...if problems persist it may be because of:
b) I just had a weird issue in that Firefox was still misbehaving with ASN, regardless of the fact the malicious code is definitey gone, and I'd cleared everything from my cache. I uninstalled and re-installed Firefox, and it worked fine on the first visit, but then went back to displaying pages with incorrect formatting.
It SEEMS to be related to Google attack-site warning page. While I was having problems with the site, I'd been clicking the 'Ignore this warning' link at the base of the page; when I disabled that, Firefox has settled-down nicely. To disable it, I opened the Firefox options (Tools, Options...) and selected the 'Security' tab. I un-ticked the 'Block reported attach sites' box and hit OK. Did Ctrl+F5 to force refresh the page, and it's fine now. I've again checked the code being parsed by the browser and there's nothing nasty there; also I've TWO fairly aggressive anti-virus/malware systems running on this laptop, and both of them are cool beans.
...It might be worth giving that a try - BUT DO IT AT YOUR OWN RISK - IF YOU'RE A FAN OF CRACKED SOFTWARE OR WEIRD PORN SITES, YOU'RE GOING TO NEED TO REMEMBER TO TURN IT BACK ON.
Now, as regards the Google attack site warning page itself...
The long and short of it is they're incredibly fast to stick a site on the blacklist, and not so spritely removing it. We're leaning on them and we will be off the list ASAP.
Cheers,
Rob.
ASN Admin Team
Alas this time, nobody gets the cigar.
So, first of all - the vBulletin hack suggestion (including much outdated video) is wide of the mark. Just to satisfy curiosity, the security hole was actually in the code of the advertising system used on ASN (which confused us a bit because that's been fairly watertight until this hiccup). There was even a clue for you... The banner ads have disappeared.
Anyway, the advertising software has been plugged; but we're going through the new version with a fine-tooth comb before it goes back on.
So, where we're at right now...
1) ASN IS CLEAN AGAIN. The malicious iframe code is now gone; integrity has been checked in the back-end.
2) FTP and ADMIN access to the server/vBulletin were never compromised, but login credentials have been refreshed just in case.
3) If you're still having problems, you've got:
a) something cahced
b) a weird little issue seemingly caused by Firefox and the Google attack-site warning page.
...to expand on that last point...
a) If you're getting any weird warnings in ANY BROWSER, or problems with pages not being displayed correctly.
i) Navigate away from ASN.
ii) Clear your temporary internet files/recent browsing history - USE ANY 'ADVANCED' OPTIONS PANE YOU CAN TO ENSURE ALL YOUR BROWSER'S CACHE IS DELETED - INCLUDING COOKIES
iii) Close and re-start your browser before revisiting ASN.
...if problems persist it may be because of:
b) I just had a weird issue in that Firefox was still misbehaving with ASN, regardless of the fact the malicious code is definitey gone, and I'd cleared everything from my cache. I uninstalled and re-installed Firefox, and it worked fine on the first visit, but then went back to displaying pages with incorrect formatting.
It SEEMS to be related to Google attack-site warning page. While I was having problems with the site, I'd been clicking the 'Ignore this warning' link at the base of the page; when I disabled that, Firefox has settled-down nicely. To disable it, I opened the Firefox options (Tools, Options...) and selected the 'Security' tab. I un-ticked the 'Block reported attach sites' box and hit OK. Did Ctrl+F5 to force refresh the page, and it's fine now. I've again checked the code being parsed by the browser and there's nothing nasty there; also I've TWO fairly aggressive anti-virus/malware systems running on this laptop, and both of them are cool beans.
...It might be worth giving that a try - BUT DO IT AT YOUR OWN RISK - IF YOU'RE A FAN OF CRACKED SOFTWARE OR WEIRD PORN SITES, YOU'RE GOING TO NEED TO REMEMBER TO TURN IT BACK ON.
Now, as regards the Google attack site warning page itself...
The long and short of it is they're incredibly fast to stick a site on the blacklist, and not so spritely removing it. We're leaning on them and we will be off the list ASAP.
Cheers,
Rob.
ASN Admin Team
Last edited:
Thanks for all the info Rob!
Had problem accessing the site on Firefox but IE8 went straight through.... Everything up to date with IE8. I normally only use it to log in to work because the system won't allow me using any other browser.
That's why I have stopped using IE when it was still at version 6 for general browsing.
Opera & Chrome are my tools of choice.
Had problem accessing the site on Firefox but IE8 went straight through.... Everything up to date with IE8. I normally only use it to log in to work because the system won't allow me using any other browser.
That's why I have stopped using IE when it was still at version 6 for general browsing.
Opera & Chrome are my tools of choice.
- Joined
- May 23, 2004
- Messages
- 3,326
- Reaction score
- 201
- Points
- 63
- Location
- Preston
- Website
- www.audi-sport.net
No worries. Will update if/when things develop...
I keep forgetting about Opera. Weird considering that's what I use on (one of the OSes) on my phone.
Don't get me started on Chrome though. Sheesh.
Rob.
I keep forgetting about Opera. Weird considering that's what I use on (one of the OSes) on my phone.
Don't get me started on Chrome though. Sheesh.
Rob.
BlueSpark
6th Gear
ok glad to hear that it is sorted and i'm not the only one experiencing problems with firefox. IE8 just lets me straight in...just goes to show how crap the security is on it!! lol
- Joined
- Jul 4, 2007
- Messages
- 17,105
- Reaction score
- 719
- Points
- 113
- Location
- Salford, Manchester
- Website
- www.facebook.com
swarcup
Registered User
filled my work computer full of viruses. not happy at all. only just plucked the courage to have another look but i just had to say something. sharnt be on here anymore
Unfortunatly it was beyond everyones control, as soon as it could be, it was shut down.
I don't know what else to say.
Andy Crooks
Registered User
- Joined
- Feb 11, 2011
- Messages
- 1,442
- Reaction score
- 144
- Points
- 63
- Location
- Worcester
- Website
- www.facebook.com
by the sound's of whats been said i wouldnt say its admin's fault (please correct me if i am wrong) and that they have acted in the best possible way that they could
- Joined
- May 23, 2004
- Messages
- 3,326
- Reaction score
- 201
- Points
- 63
- Location
- Preston
- Website
- www.audi-sport.net
Most probably bud, but for a change (phnarr) I've been having some dark days for a while. Just getting back around to reality, catching up with things slowly; I'll get to it as I'm chunking through things, but if it's urgentio maximo, fire it over again and I'll look quick sharp.
Here's the thing, the decent soul in me wants to apologise; but just as you 'had to say something', I'll have a little vent too. That's not entirely a big, pragmatic, or even particularly rational view in my humble opinion. OK, there was malicous code in ASN pages for a little while; but the way that got in was through an exploit in code that we didn't write, and is in a widely used package that has historically always been pretty secure. As soon as it was brought to our attention we began investigating, and when it became apparent it was going to take a little while to ensure the site was clean again, we took it offline.
I don't think that's a particularly embellished version of events, and in those terms you could perhaps liken it to buying a car and at some point finding a fault; the dealership acting on it as soon as they could, looking out for your interests while the work was carried out, and ensuring the job was done properly before your car returned. ...Then you walking into the service manager's office with a complaint about customer service.
I hope if you are leaving us with those as your final words, that we're not alone, and your works' IT deparment will get some stompy-feet too; because I'd be at least as concerned that there was a lack of adequate internet security software on a corporate machine. I'm running nothing particularly fancy here - Firefox browser and two off-the-peg security packages, and nothing got far enough in on my machine for them to even throw up red alerts.
Of course you're welcome back here whenever, should you reconsider; but if you do return, please be prepared to see the bigger picture.
All the best,
Rob.
Nail + Head.
Couldnt agree more with Rob, ASN wasnt to blame bottom line, as annoying as it was for you, start looking towards your IT department for not securing your machine properly in the 1st place, as even my free security software picked it up immediately.
This is no reason not to use the site IMHO, but your choice, I hazard a guess you'll be back.
mikeyg
Registered User
Thanks team - was frustrating when I couldn't get on but FF protected me well and Symantec didn't even need to get involved in protecting me.
I Appreciate all your hard work.
Paul
I Appreciate all your hard work.
Paul
Nail + Head.
Couldnt agree more with Rob, ASN wasnt to blame bottom line, as annoying as it was for you, start looking towards your IT department for not securing your machine properly in the 1st place, as even my free security software picked it up immediately.
This is no reason not to use the site IMHO, but your choice, I hazard a guess you'll be back.
And anyway...why are you using a works computer to look at ASN ? Do they pay you to do that .......lol seems to me you got caught out and who's fault is that
- Joined
- May 23, 2004
- Messages
- 3,326
- Reaction score
- 201
- Points
- 63
- Location
- Preston
- Website
- www.audi-sport.net
Yep; as above - Firefox and other browsers using Google Attack-Site warnings will now let you back in with these features turned on; Google confirmed a clean bill of health for Audi-Sport.net today
Cheers,
Rob.
Cheers,
Rob.
Andy Crooks
Registered User
- Joined
- Feb 11, 2011
- Messages
- 1,442
- Reaction score
- 144
- Points
- 63
- Location
- Worcester
- Website
- www.facebook.com
Turkster
W.Bro.Paul 2.0d Q5 Quattro
FIREFOX has just this last few mins blocked our forum again, is someone attacking our site again? get me there addressa and i will go round and give them a virus up there jacksee's.
12:40pm on 22 march
12:40pm on 22 march
- Joined
- Nov 24, 2010
- Messages
- 15,084
- Reaction score
- 1,131
- Points
- 113
- Location
- Plymouth
- Website
- wheelsnwires.blogspot.com
Turkster
W.Bro.Paul 2.0d Q5 Quattro
- Joined
- Nov 24, 2010
- Messages
- 15,084
- Reaction score
- 1,131
- Points
- 113
- Location
- Plymouth
- Website
- wheelsnwires.blogspot.com
It was proven how true and usefull that was last time this happened.
If you have good AV, just turn the warning off and carry on as normal.
My Google Chrome is picking up the virus thingy again with a warning screen before i enter ASN. It was fine after the last time it got resolved and was fine this morning. I've just come on a few mins ago and it came up again.
TheButtonz
Registered User
OldRedEyes
Registered User
I use linux on my laptop and also firefox, no problem's at all
Is everyone running windows who is getting the problem?
Is everyone running windows who is getting the problem?
