ShuRugal

Mooney Space appears to be infected with cross site scripting or a redirect attack


Clicked to reply with a quote, got redirected to the attached fake virus infection advertisement.

Screenshot_20171029-083646.jpg

Screenshot_20171029-083615.jpg


*Members that donate $10 or more do not see advertisements*

That happened to me yesterday. Had to close the window and open a new one, as I couldn't escape its loop.

Since my recent Android update, I periodically get full screen video ads that pop up at strange times, regardless of what app I'm running. I figured this stupid thing was related to that stupid thing . . . .


I was able to make this happen on my Android phone too.  I have always left ads on for my account so it could be coming from a banner ad.  This would be a bit shocking since we are only using Google AdSense which is usually pretty free of malicious ads.  

I have shut off ads on my account for a while and I will keep testing.  I know these things are smart enough to only do the redirect every day or two so it might take a little while to sniff it out.


"Recent adult sites"?  On your phone?  My eyes aren't that good anymore.

  • Like 1

On 10/29/2017 at 6:47 PM, Andy95W said:

"Recent adult sites"?  On your phone?  My eyes aren't that good anymore.

And in both those screen shots, there's a bible app icon up top.  No adult sites on this phone or for me in general.  Popups still happening to me even today.

44 minutes ago, NJMac said:

And in both those screen shots, there's a bible app icon up top.  No adult sites on this phone or for me in general.  Popups still happening to me even today.

Not receiving the bible icon when I get the pop-up.  Same text about "Adult sites" though.  I think it's just a shot in the dark.  Tell enough people you caught them browsing porn, and more than a few will believe it.


A simple solution is to kick in a few bucks to support this site. Then the ads go away along with all the issues from ads that are served up.

  • Like 2

43 minutes ago, gsxrpilot said:

A simple solution is to kick in a few bucks to support this site. Then the ads go away along with all the issues from ads that are served up.

I think an amount equivalent to ~15 minutes with an avionics shop or less than 1/2 hour with a mechanic is a good amount.

And the ROI is awesome.

  • Like 3

1 hour ago, gsxrpilot said:

A simple solution is to kick in a few bucks to support this site. Then the ads go away along with all the issues from ads that are served up.

While what you say is true from an end-user perspective, it is still best-practice for Mooneyspace to ensure that advertisements are not attempting to use the site as an infection vector...

31 minutes ago, ShuRugal said:

While what you say is true from an end-user perspective, it is still best-practice for Mooneyspace to ensure that advertisements are not attempting to use the site as an infection vector...

Of course it would be best practice... I make my living in IT Security as well. But you have to understand that MooneySpace is a part time hobby for someone who doesn't even own or fly a Mooney any longer. But thankfully Craig continues to maintain and provide the site that all of us Mooney owners realize as so extremely valuable. But as you know, this stuff doesn't happen for free. And even if Craig doesn't put any monetary value on his time, there are plenty of expenses with running/hosting a forum such as this. Consequently, the ad services that are used, while vetted as well as possible, malware does often sneak through. Even enterprise companies with huge security staffs can't always ensure that the ad service they use is always clean.

So in this case we'll all give Craig a pass and will simply thank him for continuing to provide this service years after leaving the Mooney community himself. So do yourself a favor and step up with a donation to support the site and solve the malware problem yourself.

  • Like 3

11 minutes ago, gsxrpilot said:

Of course it would be best practice... I make my living in IT Security as well. But you have to understand that MooneySpace is a part time hobby for someone who doesn't even own or fly a Mooney any longer. But thankfully Craig continues to maintain and provide the site that all of us Mooney owners realize as so extremely valuable. But as you know, this stuff doesn't happen for free. And even if Craig doesn't put any monetary value on his time, there are plenty of expenses with running/hosting a forum such as this. Consequently, the ad services that are used, while vetted as well as possible, malware does often sneak through. Even enterprise companies with huge security staffs can't always ensure that the ad service they use is always clean.

So in this case we'll all give Craig a pass and will simply thank him for continuing to provide this service years after leaving the Mooney community himself. So do yourself a favor and step up with a donation to support the site and solve the malware problem yourself.

I understand what you are saying, and from the perspective of users on this site, it makes sense.  But the solution of "just cough up a sub so you don't see the infected ad" is a bad one, for several reasons.  The biggest among them being that if the site becomes flagged as infected, it will stop turning up in search engines, and your antivirus software may stop you from visiting it altogether, which would kill the site as effectively as Craig walking away and switching off the server.

 

Even ignoring that extreme eventuality, coughing up a sub is still not an optimal solution:  If I sub and then connect to this site from a device which I am not currently logged-in to, then I will be faced with the advertisements until I log in.  If I am presented with an infected advertisement during that window, then I become infected, and my plan of avoiding infectious ads via subbing fails.

 

It's not about "giving Craig a pass" or not:  Having infected content on this website is directly detrimental to ALL users of the website, subscribed or otherwise.  If you feel that I am wrong to point out that the problem exists so that it may be corrected, then you are certainly entitled to that opinion, but I would posit that dropping a sub and pretending the problem doesn't exist is doing no favors for either Craig or Mooneyspace.

Edited by ShuRugal


No, I agree it's right to point it out and as you saw, Craig immediately responded. He monitors this site very closely and consequently most agree that this site is much more pleasant and useful than most other Pilot or Airplane forums.

Having said that, if enough of us would donate to the support of this site, he could do away with Google AdSense altogether.

48 minutes ago, gsxrpilot said:

No, I agree it's right to point it out and as you saw, Craig immediately responded. He monitors this site very closely and consequently most agree that this site is much more pleasant and useful than most other Pilot or Airplane forums.

Having said that, if enough of us would donate to the support of this site, he could do away with Google AdSense altogether.

Definitely agree, very fast response from Craig, and this site does seem to be very well maintained.

 

A subscription here is on my "To Do" list, but right now my budget is prioritized with rounding out my PP ticket and taking care of the initial cost-of-purchase expenses for my new bird...

19 hours ago, ShuRugal said:

Definitely agree, very fast response from Craig, and this site does seem to be very well maintained.

 

A subscription here is on my "To Do" list, but right now my budget is prioritized with rounding out my PP ticket and taking care of the initial cost-of-purchase expenses for my new bird...

PayPal him $10, that shouldn't slow your goals down or put them on hold for any length of time. Convince yourself you will get $10 worth of advice from a few very knowledgeable Mooney people that will undoubtedly save you thousands over the course of you flying and owning a Mooney. That shouldn't be too hard for you to do.

  • Like 3

On 11/2/2017 at 9:38 AM, mike_elliott said:

PayPal him $10, that shouldn't slow your goals down or put them on hold for any length of time. Convince yourself you will get $10 worth of advice from a few very knowledgeable Mooney people that will undoubtedly save you thousands over the course of you flying and owning a Mooney. That shouldn't be too hard for you to do.

ya talked me into it :P

  • Like 3

Just now, ShuRugal said:

ya talked me into it :P

Good on you! Let's help Craig keep this going as we all benefit a lot from it.


I just started using Tapatalk to get away from the redirect. Solution seems to work. Guess supporting site does also.

Sent from my SM-G930V using Tapatalk

21 hours ago, NJMac said:

I just started using Tapatalk to get away from the redirect. Solution seems to work. Guess supporting site does also.

Sent from my SM-G930V using Tapatalk
 

Are you still seeing this on Android?  Anyone else?  I switched ad providers to see if that fixed it.

1 hour ago, mooniac58 said:

Are you still seeing this on Android?  Anyone else?  I switched ad providers to see if that fixed it.

I'm also still seeing it on my android tablet. Should I log out and back in?

It also happens sometimes when I'm doing other things and have Chrome minimized . . . So it may not be MooneySpace, but something in the latest android update?

Edited by Hank


For whatever reason it seems to only be happening to people that are seeing ads - I was getting it as well (as I always leave ads on for my account).  Once I stopped the ads the issue went away.  It also seems that everyone that has reported this has a basic account which means they also have ads running.

The odd thing is we are now only running Google AdSense for the ads - typically you never have issues like this with them.

I'm also still seeing it on my android tablet. Should I log out and back in?
It also happens sometimes when I'm doing other things and have Chrome minimized . . . So it may not be MooneySpace, but something in the latest android update?

I've actually been deferring an Android update for close to 3 weeks now. I don't think that would be the answer either.

Sent from my SM-G930V using Tapatalk

1 hour ago, bluehighwayflyer said:

 I'm not gay

I have to give it to 'em.

Bro, I got some news for you...

 

 

 

 

:P

18 hours ago, mooniac58 said:

Are you still seeing this on Android?  Anyone else?  I switched ad providers to see if that fixed it.

I logged back into the site on chrome to edit a post and have been on for about 5 mins and haven't been redirected.  That's a recent record.  Seems like the changes were for the better.

