Mooney Space appears to be infected with cross site scripting or a redirect attack

ShuRugal · October 29, 2017

Clicked to reply with a quote, got redirected to the attached fake virus infection advertisement.

**Hank** · October 29, 2017

That happened to me yesterday. Had to close the window and open a new one, as i couldn't escape it's loop.

Since my recent Android update, I periodically get full screen video ads that pop up at strange times, regardless of what app I'm running. I figured this stupid thing was related to that stupid thing . . . .

mooniac58 · October 29, 2017

I was able to make this happen on my Android phone too. I have always left ads on for my account so it could be coming from a banner ad. This would be a bit shocking since we are only using Google AdSense which is usually pretty free of malicious ads.

I have shutoff ads on my account for a while and I will keep testing. I know these things are smart enough to only do the redirect every day or two so it might take a little while to sniff it out.

NJMac · October 29, 2017

I got the same thing 3 times today.

Andy95W · October 29, 2017

"Recent adult sites"? On your phone? My eyes aren't that good anymore.

NJMac · November 1, 2017

On 10/29/2017 at 6:47 PM, Andy95W said:

"Recent adult sites"? On your phone? My eyes aren't that good anymore.

And in both those screen shots, theres a bible app icon up top. No adult sites on this phone or for me in general. Popups still happening to me even today.

ShuRugal · November 1, 2017

44 minutes ago, NJMac said:

And in both those screen shots, theres a bible app icon up top. No adult sites on this phone or for me in general. Popups still happening to me even today.

Not receiving the bible icon when I get the pop-up. Same text about "Adult sites" though. I think it's just a shot in the dark. Tell enough people you caught them browsing porn, and more than a few will believe it.

gsxrpilot · November 1, 2017

A simple solution is to kick in a few bucks to support this site. Then the ads go away along with all the issues from ads that are served up.

**Oldguy** · November 1, 2017

43 minutes ago, gsxrpilot said:

A simple solution is to kick in a few bucks to support this site. Then the ads go away along with all the issues from ads that are served up.

I think an amount equivalent to ~15 minutes with an avionics shop or less than 1/2 hour with a mechanic is a good amount.

And the ROI in awesome.

ShuRugal · November 1, 2017

1 hour ago, gsxrpilot said:

A simple solution is to kick in a few bucks to support this site. Then the ads go away along with all the issues from ads that are served up.

While what you say is true from an end-user perspective, it is still best-practice for Mooneyspace to ensure that advertisements are not attempting to use the site as an infection vector...

gsxrpilot · November 1, 2017

31 minutes ago, ShuRugal said:

While what you say is true from an end-user perspective, it is still best-practice for Mooneyspace to ensure that advertisements are not attempting to use the site as an infection vector...

Of course it would be best practice... I make my living in IT Security as well. But you have to understand that MooneySpace is a part time hobby for someone who doesn't even own or fly a Mooney any longer. But thankfully Craig continues to maintain and provide the site that all of us Mooney owners realize as so extremely valuable. But as you know, this stuff doesn't happen for free. And even if Craig doesn't put any monetary value on his time, there are plenty of expenses with running/hosting a forum such as this. Consequently, the ad services that are used, while vetted as well as possible, malware does often sneak through. Even enterprise companies with huge security staff's can't alway ensure that the ad service they use is always clean.

So in this case we'll all give Craig a pass and will simply thank him for continuing to provide this service years after leaving the Mooney community himself. So do yourself a favor and step up with a donation to support the site and solve the malware problem yourself.

ShuRugal · November 1, 2017

11 minutes ago, gsxrpilot said:

Of course it would be best practice... I make my living in IT Security as well. But you have to understand that MooneySpace is a part time hobby for someone who doesn't even own or fly a Mooney any longer. But thankfully Craig continues to maintain and provide the site that all of us Mooney owners realize as so extremely valuable. But as you know, this stuff doesn't happen for free. And even if Craig doesn't put any monetary value on his time, there are plenty of expenses with running/hosting a forum such as this. Consequently, the ad services that are used, while vetted as well as possible, malware does often sneak through. Even enterprise companies with huge security staff's can't alway ensure that the ad service they use is always clean.

So in this case we'll all give Craig a pass and will simply thank him for continuing to provide this service years after leaving the Mooney community himself. So do yourself a favor and step up with a donation to support the site and solve the malware problem yourself.

I understand what you are saying, and from the perspective of users on this site, it makes sense. But the solution of "just cough up a sub so you don't see the infected ad" is a bad one, for several reasons. The biggest among them being that if the site becomes flagged as infected, it will stop turning up in search engines, and your antivirus software may stop you from visiting it altogether, which would kill the site as effectively as Craig walking away and switching off the server.

Even ignoring that extreme eventuality, coughing up a sub is still not an optimal solution: If I sub and then connect to this site from a device which i am not currently logged-in to, then I will be faced with the advertisements until I log in. If I am presented with an infected advertisement during that window, then I become infected, and my plan of avoiding infectious ads via subbing fails.

It's not about "giving Craig a pass" or not: Having infected content on this website is directly detrimental to ALL users of the website, subscribed or otherwise. If you feel that I am wrong to point out that the problem exists so that it may be corrected, then you are certainly entitled to that opinion, but I would posit that dropping a sub and pretending the problem doesn't exist is doing no favors for either Craig or Mooneyspace.

Edited November 1, 2017 by ShuRugal

gsxrpilot · November 1, 2017

No, I agree it's right to point it out and as you saw, Craig immediately responded. He monitors this site very closely and consequently most agree that this site is much more pleasant and useful than most other Pilot or Airplane forums.

Having said that, if enough of us would donate to the support of this site, he could do away with Google AdSense altogether.

ShuRugal · November 1, 2017

48 minutes ago, gsxrpilot said:

No, I agree it's right to point it out and as you saw, Craig immediately responded. He monitors this site very closely and consequently most agree that this site is much more pleasant and useful than most other Pilot or Airplane forums.

Having said that, if enough of us would donate to the support of this site, he could do away with Google AdSense altogether.

Definitely agree, very fast response from Craig, and this site does seem to be very well maintained.

A subscription here is on my "To Do" list, but right now my budget is prioritized with rounding out my PP ticket and taking care of the initial cost-of-purchase expenses for my new bird...

**mike_elliott** · November 2, 2017

19 hours ago, ShuRugal said:

Definitely agree, very fast response from Craig, and this site does seem to be very well maintained.

A subscription here is on my "To Do" list, but right now my budget is prioritized with rounding out my PP ticket and taking care of the initial cost-of-purchase expenses for my new bird...

paypal him $10, that shouldn't slow your goals down or put them on hold for any length of time. Convince yourself you will get $10 worth of advice from a few very knowledgeable Mooney people that will undoubtedly save you thousands over the course of you flying and owning a Mooney. That shouldn't be too hard for you to do.

ShuRugal · November 3, 2017

On 11/2/2017 at 9:38 AM, mike_elliott said:

paypal him $10, that shouldn't slow your goals down or put them on hold for any length of time. Convince yourself you will get $10 worth of advice from a few very knowledgeable Mooney people that will undoubtedly save you thousands over the course of you flying and owning a Mooney. That shouldn't be too hard for you to do.

ya talked me into it

**mike_elliott** · November 3, 2017

Just now, ShuRugal said:

ya talked me into it

Good on you! Lets help Craig keep this going as we all benefit a lot from it.

NJMac · November 5, 2017

I just started using Tapatalk to get away from the redirect. Solution seems to work. Guess supporting site does also.

Sent from my SM-G930V using Tapatalk

mooniac58 · November 6, 2017

21 hours ago, NJMac said:

I just started using Tapatalk to get away from the redirect. Solution seems to work. Guess supporting site does also.

Sent from my SM-G930V using Tapatalk

Are you still seeing this on Android? Anyone else? I switched ad providers to see if that fixed it.

**Hank** · November 6, 2017

1 hour ago, mooniac58 said:

Are you still seeing this on Android? Anyone else? I switched ad providers to see if that fixed it.

I'm also still seing it on my android tablet. Should I log out and back in?

It also happens sometimes when I'm doing other things and have Chrome minimized . . . So it may not be MooneySpace, but something in the latest android update?

Edited November 6, 2017 by Hank

mooniac58 · November 6, 2017

For whatever reason it seems to only be happening to people that are seeing ads - I was getting it as well (as I always leave ads on for my account). Once I stopped the ads the issue went away. It also seems that everyone that has reported this has a basic account which means they also have ads running.

The odd thing is we are now only running Google AdSense for the ads - typically you never have issues like this with them.

NJMac · November 6, 2017

I'm also still seing it on my android tablet. Should I log out and back in?
It also happens sometimes when I'm doing other things and have Chrome minimized . . . So it may not be MooneySpace, but something in the latest android update?

I've actually been deferring an Android update for close to 3 weeks now. I don't think that would be the answer either

Sent from my SM-G930V using Tapatalk

ShuRugal · November 6, 2017

1 hour ago, bluehighwayflyer said:

I'm not gay

I have to give it to 'em.

Bro, I got some news for you...

NJMac · November 7, 2017

18 hours ago, mooniac58 said:

Are you still seeing this on Android? Anyone else? I switched ad providers to see if that fixed it.

I logged back into the site on chrome to edit a post and have been on for about 5 mins and havnt been redirected. That's a recent record. Seems like the changes were for the better.

**amillet** · November 8, 2017

Effective way to get people to become supporters Craig

Sign In

Mooney Space appears to be infected with cross site scripting or a redirect attack

Recommended Posts

ShuRugal

Hank

mooniac58

NJMac

Andy95W

NJMac

ShuRugal

gsxrpilot

Oldguy

ShuRugal

gsxrpilot

ShuRugal

gsxrpilot

ShuRugal

mike_elliott

ShuRugal

mike_elliott

NJMac

mooniac58

Hank

mooniac58

NJMac

ShuRugal

NJMac

amillet

Members Online

Browse

Activity

Important Information