Tainted ads punt scareware to surfers on LSE and Myvue sites
Several highly trafficked UK sites – including the website of the London Stock Exchange – served malware-tainted ads as the result of a breach of security by a third-party firm they shared in common. Surfers visiting auto-trading site Autotrader.co.uk and the cinema site Myvue.com were also exposed to the attack, which stemmed …
This topic is closed for new posts.
How long?
How long before El Reg serves up malwatre adverts?
Time for El Reg to get rid of adverts!!!
Always ahead of the pack..
El Reg has always been ahead of the pack: http://www.theregister.co.uk/2004/11/21/register_adserver_attack/
ebay.co.uk was tainted
ebay.co.uk definitly was serving tainted adds. Got past Avast and could not be removed by it.
Agreed
Confirmed here too. I'm currently cleaning 2 laptops of friends who are usually quite good at not getting infected.
Re: Agreed
Ditto here, though I did ask my colleague what porn websites his wife had been visiting. He was adamant it was John Lewis, and Persian carpets*.
* Didn't have the presence of thought to mention rug munching.
Me too
I had this try to get onto my PC via ebay, it got caught by Kaspersky :)
Tried to send ebay a message to tell them. It's official that they have the worst contact site in existence, the contact us page when not pointing back to itself sent me to the tech support page which sent me to itself or the contact page. Round and round in circles. All I wanted was an email address or a contact form that let me sent a message.
Any bad press they get over this they deserve I reckon as they refuse to let anyone talk to them.
ebay confirmed
I was on there last night/this morning and one of their ads tried to get me to execute some kind of remote desktop thing.
aha, it WAS ebay!
Wondered why AVG was flagging up alerts on ebay.co.uk yesterday... Thought it was a false positive
Ebay Hit By Home Security 2011 Malware
Many people were hit by the Home Security 2011 malware whilst using ebay over the weekend.
Doing some searching this morning on various forums at it seems that there were a *lot* of people infected by it.
From reports on the ebays forums it seems like they CGAF.
Oh dear
Had a single instance of a known bad site flag up in chrome on the weekend when accessing Statcounter. Same thing?
Trafficking websites.
Have these websites been highly trafficked, or were they just busy? Like, having high traffic levels ... .. .
IMDB
I was checking the details of a few movies yesterday on imdb.com and Kaspersky was flagging up all sorts of trojans/malware attempting to install. Damn adverts...
Adblock is a security feature
Another reason to block ads on sites. I know it's not good for website revenue, but malware served through third party adverts is one of the main reasons I use Adblock and Noscript in Firefox.
tell me about it
'system tools' got past panda = system restore.
ebay was affected
I can also confirm that eBay UK was hit by this. My missus told me she had a virus scanner pop up appear as she was viewing a page yesterday afternoon.
+1 for ebay
Three infections to deal with over the weekend.
All from ebay.
Explains all the phone calls
Im just a small local pc repair guy I usually get called out to two viruses a week. I had over ten virus related calls between saturday and today (monday). My weekend went 'poof!' but I can take the rest of the week off now ;) Time to settle down for my belated weekend pint now.
Many affected in Sheffield
Many of my computer repair clients and those of my competitors in Sheffield reported this problem Sunday/Monday. Some reported visiting ebay.co.uk
Many affected in Sheffield
Many of my computer repair clients and those of my competitors in Sheffield
reported similar problems on Sunday and Monday. Clients mentioned visiting
ebay.co.uk.
Thick and fast
In our computer shop we've had half a dozen machines relating to this in the last couple of days - mainly with the fake System Tools malware on it.
Anyone got a quick fix/good tool to remove it?
Anon.
Ah that's where it came from
I was wondering how my mother-in-law's computer became infected with this over the weekend...
A safe boot with networking enabled and malwarebytes stopped it , though it still has a few traces in the registry.
Turned off both Avast and microsoft security essentials though..
web scareware malvertising
What computer desktop Operating System are we not supposed to mention here ?
Confirmed
We have had to clean a number of laptops at the school I work for, that were used over half term by staff. Time to add extra protection me thinks as ironically user education is a waste of time.
Adblock plus anyone? Also SpyBot SD does a good job at imunising too, it blacklists a ton of known nasty sites.
Still, my private work is ramping up a bit. *rubs hands*
For those that don't know how to remove this little gem - boot into safe mode and run malwarebytes anti-malware. It does the trick nicely. Or take the hard disk out and scan it on another computer with the same software.
I wonder how many people's credit card numbers are now in the hands of the malware writers?
Weekend from Hell
Reading comments explains how so many people had this the weekend.
My company repaired many pc's over the weekend with the same virus.
To help out....
Boot in SAFE MODE
Restore to previous date before infection
Boot UP (keeping fingers crossed)
Update AV Software
Run full scan
We installed Spy Bot Search and Destory and Immunised the PC then ran a full scan.
This seemed to fix everyone .
Some of these scams....
...also mess with the settings in Internet Explorer, just to convince you that you do have a genuine virus on your PC. I don't know whether they alter the settings in other browsers too. I do know that Malwarebytes Anti-Malware doesn't restore the correct settings, which means that the scary messages go away but IE doesn't bring up web pages despite the network connection appearing to be OK.
The setting that gets changed relates to Proxy Servers. Simply removing any trace of proxy settings resolves the problem.... unless your setup uses a Proxy Server for some reason!
I hope some of you find this useful as I have recently encountered several machines that misbehaved in this way after being 'cleaned'.
Ebay knew about this on Sunday
I rang ebay on Sunday nd told them that their ads were the issue, they asked me to forward details with screen shots of AVG's Detection to an Email address that proved to be dead
here it is
Hello,
Thank you for taking the time to send your email. However, the email
address you used to send the email can no longer be used to contact eBay
UK customer support.
The best way to contact eBay is to copy the below link in a new browser
window.
http://contact.ebay.co.uk/ws/eBayISAPI.dll?ContactUsNextGen&query=636&domain=AR&from=freeform
Firstly sign in with your eBay User ID.
Please use the ?search box? in the centre of the page to tell us about
your issue or select one of the most common topics. This way, we can
recommend the best way for you to contact us and thus providing you with
a better, streamlined experience.
We know your time is valuable and we appreciate you taking the time to
express your concern with us. Please do not respond to this email. Any
email sent as a response to this Acknowledgement will not reach us.
Regards,
eBay Customer Support
I also Emailed SKYNEWS and the register...hmmm no one listening again..
This topic is closed for new posts.
