Malware Alert - April 29, 2013

I got a malware warning today:

[Google</a> Safe Browsing diagnostic page for collegeconfidential.com](<a href=“http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http%3A%2F%2Ftalk.collegeconfidential.com%2Fsearch.php%3Fdo%3Dgetnew]Google”>http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http%3A%2F%2Ftalk.collegeconfidential.com%2Fsearch.php%3Fdo%3Dgetnew)

What’s going on with CC?

I have the same issue. It is very annoying, and makes me wonder if CC actually has become compromised. :open_mouth: Please fix this CC, or update us!!

Could someone be proactive here and suggest that Windows PC users do a malware scan and full virus scan? Please? Boldly at the top of the forums?

This is one of my favorite sites, but chrome is saying it has Malware!? I seriously hope this is a mistake or I am never coming here again as I do a lot of online shopping!

We got the same thing today. It said it was <a href=“http://www.collegeview%5B/url%5D”>www.collegeview</a>

Is anyone addressing this today? It’s still happening.

I don’t know if anyone else is seeing the ads, but I’m getting “Connection reset by peer” where they should be. Since ads aren’t being reliably delivered, Hobsons is losing revenue. They’re working on it. :slight_smile:

I’m having this issue on Chrome. Internet Explorer is fine.

I am getting this in Firefox:

This web page at talk.collegeconfidential.com has been reported as an attack page and has been blocked based on your security preferences.

<pre><code> Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system.Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.
</code></pre>

I’ve been warned by Google on my phone/laptop every time I’ve tried to get on the website for the past two days, and Safari has me double-confirm I’m aware that the site may contain “malicious” software every time I open up the site or move to a new page. So far, I’ve only been attempting to view the forums–not the College Search. What do you mean when you say impacted, Lenitus?

There are around four or five threads on this already.

Good!! If our security is being compromised we should be addressing it!! Whats the update- mods and tecchies???

I’m hoping we will get an update from the CC tech team. Until then I have NO INTENTION of using my Windows based machine to access this site.

We saw the malware alert and immediately shut down our ad system. The alerts can linger for many hours, though, as Google needs to recheck the site and they do so on their own schedule.

We always recommend running both real-time protection and conducting regular scans. Many totally legitimate sites run content or ads delivered in real-time from other sites - if the other site becomes compromised, there can be a window when that content is displayed. We think that’s what triggered the alerts here on CC, but our tech folks are still studying the issue. Since we have not conclusively identified the cause of this, in an abundance of caution we have stopped showing all ads, even those we deliver internally. We’re switching to a new ad system which we feel will better protect our site and our members. Thanks for your patience!

MSE did not catch this malware, Roger. If possible, it would be helpful to alert posters if/when you become aware of a breach. Thanks.

Regarding malware protection (MP), consider three scenarios:

(1) You bought your MP a year ago and you encounter a trojan named “Bob” that was written two years ago. Any decent MP should recognize Bob and block him.

(2) You bought your MP a year ago and you encounter a ransomware named “James” that was written six weeks ago. If you don’t have your MP set to update frequently (or if your MP vendor doesn’t stay relatively current with updates), it won’t recognize James and will pass him right through. If you’re getting frequent updates from an MP vendor who’s on his toes, your MP will recognize James and block him.

(3) You bought your MP a year ago, get regular updates, and you encounter a ransomware named “Jim” and you are the first person to encounter him “in the wild” (lucky you). Unless you’re using some of the very best MP, Jim’s getting through. If you are using the very best MP, it’s going to say to itself, “hey, that Jim guy acts an awful lot like that James we saw a couple of months ago” and warn you.

All MP vendors (and individual installs thereof insofar as update frequency is concerned) are not created equal. If you’re interested, check out pcmag.com’s ratings methodology ([How</a> We Interpret Antivirus Lab Tests, 2012 edition | PCMag.com](<a href=“http://www.pcmag.com/article2/0,2817,2391871,00.asp]How”>How We Interpret Antivirus Lab Tests, 2012 edition | PCMag)) and maybe follow some of the links to their ratings and those of the independent labs they use. This might be why jym626’s install of MSE didn’t block the most recent malware and my install of Symantec/Norton did.

Some decent free tools include MalwareBytes, SuperAntiSpyware, and HitmanPro. Because of the variety of stuff out there, I generally run scans with a couple of these periodically even though I’ve got Trend Micro or Norton running full time. Google 'em. Most have paid versions with more features, but all will let you install and scan your machine for free.

Just one more thing. I did NOT get any kind of “warning” on my PC about a malware issue…none at all. If folks on this forum hadn’t posted, I would NOT have known there was an issue. And because I got NO malware warning, I thought all was fine until…we… Until it wasn’t.

So…even if you don’t get a warning, you still can have issues.

We went with the paid version of malware bytes pro…it updates and runs continuously.

Ditto what thumper said. I got NO warning on IE. My spyware/malware protection did NOT detect it. The warning was on Chrome but I dont typiclally use chrome to run CC. Will do more so now, for sure. Still, if you become aware of a problem that could affect us, could you please consider telling us next time?

And we do run the scans frequently and always have the protection on. Get all updates too.

The computer had bot a trojan and exploit infection. Both very severe.

The malware protection I BOUGHT updates daily and runs a scan daily at least once. It is on continually. DH suggested that we get this if I wanted to continue to use this forum. Perhaps it’s overkill, but really…seeing ones computer taken over by a fake FBI site complete with webcam pictures was enough for me to agree!