PC Malware Warning on TO Today.

Discussion in 'News & Features' started by Kane, Nov 1, 2012.

  1. Kane

    Kane Administrator Staff Member

    Earlier today, Curse was notified by Google that there was a known malicious script being served though some of our sites. Upon further inspection, Curse has determined the script was being served through ad placements from a 3rd party. These ads were being served as they normally would; however, due to a security breach at the 3rd party, a malicious JS (Javascript) was being served that was put in their passback system.

    We have managed to identify the 3rd party, who is well known to be trusted, as the source of the script. They have been contacted about the compromise, and have removed the malicious script being served to not only Curse, but possibly everyone with whom they work. They are still investigating the breach.

    Curse takes security extremely seriously, and has removed all 3rd party ad partners until the investigation is complete. We will keep you informed of the outcome of this investigation. In the meantime, we recommend you run a malware scan on your computer. You can run a free scan at http://www.malwarebytes.org/. We sincerely apologize for this inconvenience.

    At no time was any information in our databases compromised - your logins, user info, and all other personal information is safe and sound! We will continue to monitor the situation, just to be on the safe side.
  2. Ijwu

    Ijwu Crimera

    Stir up trouble how?
  3. TUN3R

    TUN3R Cursed Skull

    People were probably dumb enough to click it. Wouldn't surprise me.
  4. Ijwu

    Ijwu Crimera

    Looking at the title, I guess it infected those who clicked it. I would imagine such an ad designed to lure people to click it. That's the purpose of ads on websites after all. Interest people and hopefully get the people to click on them.

    I'd like, however, more information than the very, very, vague bits that Kane gave. What was the ad? Do the Curse admins know where it came from? What guarantees do we have that this won't happen again? Why should I disable ad-block on Curse websites if this happens?
  5. Oranje

    Oranje THE Orange Troll

    What ad?
    Gmodlol61 likes this.
  6. W1K

    W1K Bumping into people without being here

    Why people so lazy to not use adblock.
  7. TUN3R

    TUN3R Cursed Skull

    Or simply avoid clicking it? I haven't seen any pop-up ads on Curse sites... yet...
  8. Ijwu

    Ijwu Crimera

    You missed the point. Ads are made to be clicked. If EVERYBODY stops clicking on EVERY ad, then there's no point. That whole source of revenue dies. I don't think anyone uses pop-ups anymore, as I haven't seen them very recently. There's no way to tell which ad is infectious as it's most likely designed to be disguised. So I don't think it's as easy as "just don't click it."
  9. Cue

    Cue Green Slime

    AdBlock or not, Google are going to pick it up and that's what the trouble was. It wasn't people complaining after clicking it, Google detected the ad and now marks half of the Curse network as bad.
  10. Ijwu

    Ijwu Crimera

    Elaborate, please. I'd like to know more.
  11. Kane

    Kane Administrator Staff Member

    I doubt anyone had actually clicked it btw. This usually just happens having the AD show up and bots and such crawling the site cause the detection and alert goes up.

    You would be amazed how many google bots crawl each site at once.. It's kind of cool almost like a virus that just multiplies hehe.
  12. Cue

    Cue Green Slime

    Google's spider crawls over sites on a regular basis, sometimes daily (I think it's based on ranking and such). When it does so, it also scans the site for anything malicious, including links and embedded malware.

    The ad was picked up by this, so now Chrome (and FF?) users get the warning on some Curse sites (MinecraftForum.net has it I know that much), as well as anyone who browses to the same sites via Google search results.

    Here, have a report.
  13. Ijwu

    Ijwu Crimera

    Well, that's nice to know that Google seems to be the pseudo-ad-police.

    The main problem of course is how it got to be on the network in the first place. Was it a fluke on the ad providers part? Did somebody do their job incorrectly? Am I totally missing the point? More information is always helpful.

    Merged by Loki ISP: do not double post.

    Thank you very much! I appreciate that you took the time to elaborate and link. Thanks again.
  14. Cue

    Cue Green Slime

    Occasionally a dodgy ad will sneak through.
  15. Tunnel King

    Tunnel King Moderator Staff Member

  16. Nakano15

    Nakano15 Devourer

    I didn't have seen these ads,cuz my google chrome blocked on the same time it tried to load.Saint chrome.
  17. NeonJ

    NeonJ Dark Caster

    Looks like this is happening with the MCForums and Wiki too. I have an AdBlock on, but it looks like this ad issue has affected a lot of sites...
  18. Nakano15

    Nakano15 Devourer

    uh,i think that it's affecting curse sites in general.
  19. TUN3R

    TUN3R Cursed Skull

    You're right, I can't see your point anywhere... someone is forcing you to click ads? :-/
  20. Ijwu

    Ijwu Crimera

    Yeah, I think we're at a misunderstanding. From you said in your previous posts it seems you're saying that it should be easy enough to just not click malware afflicted ads.

    In retaliation, I say that it's the very nature of ads to be clicked, also that malware afflicted ads would not be easy to avoid.

    Does that sound right? Did I understand your point?

Share This Page