Anyone else getting a Trojan Horse Virus warning on Milsurps.com?
- Thread starter Coyote Ugly
- Start date
RememberTheSomme
CGN Ultra frequent flyer
- Location
- Nova Scotia
Yes I do as well.
- Location
- West coast of Vancouver Island
Ditto and the Collector's Source also. Malware Warning
Deltasilver
Regular
- Location
- Right behind you...
Confirmed. wtf?
It's likely the database is improperly configured or some page allows unverified inputs that allow some hacker to inject code into the database. They need to get that looked at by a professional, pronto. My company had an issue like that and it cost us $10,000 from a security contractor to get it resolved. It's a pain in the rear.
haretrigger
CGN Regular
- Location
- Lower Mainland, BC
I tried to login to milsurps.com yesterday and AVG blocked access to the site immediately.
Hello folks …. 
Appreciate the heads up …
For the first time in almost 6 years, we had a spammer malware problem last month, but I believe it was cleaned up back then. I just checked again using Microsoft Security Essentials and I'm not seeing any current issues. By the way, for anyone looking for a FREE anti-virus program, believe it or not, it is one of the best ones available for Windows users.
Being a research site highly populated with images, PDF and text document files, plus links to members externally posted references, it's not difficult to pick up a virus which is imbedded within any of these sources we receive. For that reason, a lot of sites (including CGN) place restrictions on allowing members to upload or store files on their internal servers, although even commercial external picture hosting sites have been experiencing problems.
As an example, Imageshack, a well known public host site for pics, was attacked last year by a virus. The virus they got was adding to pics stored on their servers a hidden feature called XSS (cross site scripting) flaw, which executes first some hidden code on the user's computer and then shows the image. Since this technique can be pretty harmful and rapidly propagate itself across the Internet infecting even more computers, images should really not be hot-linked from other sites. Unfortunately, often to save money in bandwidth costs or server storage costs, virtually every site on the Internet permits users to do that, which places everyone using those sites in danger of picking up a virus.
We use special internal Unix based anti-virus server tools to interrogate the site daily at 4:00 am and have found no problems of late, however, we have had folks tell us they've gone out to links from our site (ie: some advertisements) and been warned of a virus there. Lately, I've also had some members say they've been getting warnings from other gun sites they frequent as well, including CGN, Gunboards and CSP.
Just in case, I have now run the entire site through Web Washer and we're clean at this moment, at least as clean as an analysis program that costs $25,000 can assure you. I also did some checking with a friend who deals with virus attacks in his job and he said many browsers have issues which may be causing it to read some site Java code erroneously, when combined with some anti-virus software, so I thought I'd mention it. There can be false positives from Anti-virus programs (Norton use to be notorious for this), corrupt browser caches, or possibly originating from other code resident in a a computer's memory.
For those experiencing problems, I'd recommend everyone CLEAR all your Internet history, browser cache and cookies, then try again to see if you still get a warning.
If that doesn't work, you should download Microsoft Security Essentials I mentioned earlier and run your machine through it. It will automatically protect you using an internal firewall and also during your Internet browsing.
Again, thank you very much for reporting this and we'll keep a close on on our end to make sure we protect the site the best we can, however, if you do feel uncomfortable or insecure at all, we'd recommend you delete your bookmark that points to Milsurps and stop using our site in the future.
Thanks for everyone's concern and support …
Regards,
Doug
Appreciate the heads up …
For the first time in almost 6 years, we had a spammer malware problem last month, but I believe it was cleaned up back then. I just checked again using Microsoft Security Essentials and I'm not seeing any current issues. By the way, for anyone looking for a FREE anti-virus program, believe it or not, it is one of the best ones available for Windows users.
Being a research site highly populated with images, PDF and text document files, plus links to members externally posted references, it's not difficult to pick up a virus which is imbedded within any of these sources we receive. For that reason, a lot of sites (including CGN) place restrictions on allowing members to upload or store files on their internal servers, although even commercial external picture hosting sites have been experiencing problems.
As an example, Imageshack, a well known public host site for pics, was attacked last year by a virus. The virus they got was adding to pics stored on their servers a hidden feature called XSS (cross site scripting) flaw, which executes first some hidden code on the user's computer and then shows the image. Since this technique can be pretty harmful and rapidly propagate itself across the Internet infecting even more computers, images should really not be hot-linked from other sites. Unfortunately, often to save money in bandwidth costs or server storage costs, virtually every site on the Internet permits users to do that, which places everyone using those sites in danger of picking up a virus.
We use special internal Unix based anti-virus server tools to interrogate the site daily at 4:00 am and have found no problems of late, however, we have had folks tell us they've gone out to links from our site (ie: some advertisements) and been warned of a virus there. Lately, I've also had some members say they've been getting warnings from other gun sites they frequent as well, including CGN, Gunboards and CSP.
Just in case, I have now run the entire site through Web Washer and we're clean at this moment, at least as clean as an analysis program that costs $25,000 can assure you. I also did some checking with a friend who deals with virus attacks in his job and he said many browsers have issues which may be causing it to read some site Java code erroneously, when combined with some anti-virus software, so I thought I'd mention it. There can be false positives from Anti-virus programs (Norton use to be notorious for this), corrupt browser caches, or possibly originating from other code resident in a a computer's memory.
For those experiencing problems, I'd recommend everyone CLEAR all your Internet history, browser cache and cookies, then try again to see if you still get a warning.
If that doesn't work, you should download Microsoft Security Essentials I mentioned earlier and run your machine through it. It will automatically protect you using an internal firewall and also during your Internet browsing.
Again, thank you very much for reporting this and we'll keep a close on on our end to make sure we protect the site the best we can, however, if you do feel uncomfortable or insecure at all, we'd recommend you delete your bookmark that points to Milsurps and stop using our site in the future.
Thanks for everyone's concern and support …
Regards,
Doug
FWIW, I just visited using a Windows XP machine running McAffee, a Windows 7 machine running microsoft security essentials and a mac running the latest version of safari.
No issues and no viruses identified.
Are ppl still experiencing any issues?
No issues and no viruses identified.
Are ppl still experiencing any issues?
Badger:
Do you run Google Third Party Ads? I had an issue on a client site where the Third Party Ads loaded via Adsense had some malicious JS embedded in them. The solution was to leave it disabled for a few days and cautiously reenable them, at which point the malicious ads had been pulled. Perhaps you are seeing similar?
Do you run Google Third Party Ads? I had an issue on a client site where the Third Party Ads loaded via Adsense had some malicious JS embedded in them. The solution was to leave it disabled for a few days and cautiously reenable them, at which point the malicious ads had been pulled. Perhaps you are seeing similar?
Deltasilver
Regular
- Location
- Right behind you...
Sitting in front of this fancy new Windows 7 machine and missing my Mac.
I got a screen shot but I can't do anything with it but paste to a Word doc where it's too small to read in it's native format and too distorted to read if I blow it up. Anyways...
AVG, definitions have been updated three times since the first time I got this message:
TROJAN HORSE BLOCKED
Object: http/www.milsurps.com/
Infection: JS:Redirector-MA [Trj]
Action: Connection aborted
Process: C:\Program Files (x86)\Internet Explorer\iexplorer.exe
I got a screen shot but I can't do anything with it but paste to a Word doc where it's too small to read in it's native format and too distorted to read if I blow it up. Anyways...
AVG, definitions have been updated three times since the first time I got this message:
TROJAN HORSE BLOCKED
Object: http/www.milsurps.com/
Infection: JS:Redirector-MA [Trj]
Action: Connection aborted
Process: C:\Program Files (x86)\Internet Explorer\iexplorer.exe
I am using Windows Vista and Opera as a browser because it is 3 times as fast as MS Explorer. When I click on the milsurps pic on my Opera page (I have it permanently loaded), Opera flashes up this big red MALWARE WARNING. So I go past that (which I can do) and go to milsurps..... and the thing flashes that I am on a FRAUD site. This doesn't even make sense: milsurps isn't selling anything!
So I installed AVAST! virus/firewall and I am getting no bleeps, but Opera still is saying this.
And now here is the strange thing: my computer sits about 8 feet away from TWOSTEAM's, we are on the SAME feed....... and she has no trouble at all. Our ISP is a local outfit called rfnow.... and they are on a direct satellite hookup.
Right now, I just wish there were a smiley for throwing one's hands up in the air and stalking off with a disgusted sneer.
MILSURPS is just fine..... but I don't know how to tell this %$&&$# machine that!
.
So I installed AVAST! virus/firewall and I am getting no bleeps, but Opera still is saying this.
And now here is the strange thing: my computer sits about 8 feet away from TWOSTEAM's, we are on the SAME feed....... and she has no trouble at all. Our ISP is a local outfit called rfnow.... and they are on a direct satellite hookup.
Right now, I just wish there were a smiley for throwing one's hands up in the air and stalking off with a disgusted sneer.
MILSURPS is just fine..... but I don't know how to tell this %$&&$# machine that!
.
