Author Topic: Geekhack is making my anti-virus go crazy  (Read 4359 times)


Offline fohat.digs

  • * Elevated Elder
  • Thread Starter
  • Posts: 6471
  • Location: 35°55'N, 83°53'W
  • weird funny old guy
Geekhack is making my anti-virus go crazy
« on: Sat, 05 November 2011, 09:05:51 »
It took several tries just to get on.

Google and Avast are acting like Geekhack is Satan's own website.

What's up?

Can you convince them that you are OK?

Thanks!
Citizens United violates the essence of what made America a great country in its political system. Now it’s just an oligarchy, with unlimited political bribery being the essence of getting the nominations for president or to elect the president.
So now we’ve just seen a complete subversion of our political system as a payoff to major contributors, who want and expect and sometimes get favors for themselves after the election’s over.”
- Jimmy Carter 2015


Offline peda

  • Posts: 206
« Reply #2 on: Sat, 05 November 2011, 09:09:10 »
And really wrong subforum...

Offline reaper

  • ** Moderator Emeritus
  • Posts: 3067
« Reply #3 on: Sat, 05 November 2011, 09:13:29 »
Only happened to me this mornin'.   Chrome told me not to come here also. lol
To flee is life; to linger, death.
Your Eli

Offline bloodygood

  • Posts: 310
« Reply #4 on: Sat, 05 November 2011, 09:32:58 »
The best thing about running Debian GNU/Linux as your main operating system. Warning. Nope. Go anyway. I haven't been worried about going to a website in over four years, so far nothing has gone wrong.
Current collection: Filco Tenkeyless MX Brown, IBM Model M, Happy Hacking Keyboard Lite II, Dell AT101W.
Looking for: IBM Model M SpaceSaver, HHKB Topre keychain. >> Feedback Thread

Offline laffindude

  • Posts: 1521
  • ( ̽ ¬ ˳¬)
« Reply #5 on: Sat, 05 November 2011, 09:49:41 »
Linux isn't immune to Java exploits. Never take security for granted.

Offline TacticalCoder

  • Posts: 526
« Reply #6 on: Sat, 05 November 2011, 09:57:27 »
Quote from: bloodygood;446149
The best thing about running Debian GNU/Linux as your main operating system. Warning. Nope. Go anyway.


What do you mean by this: "Warning. Nope."?

I had issues on a Debian 5 + Firefox accessing GeekHack today so I freaked out a bit and I quickly installed a Debian 6 + Google Chrome in a VM (KVM).

You mean you decided not to care about the warning but you still get said warning right?
HHKB Pro JP (daily driver) -- HHKB Pro 2 -- Industrial IBM Model M 1395240-- NIB Cherry MX 5000 - IBM Model M 1391412 (Swiss QWERTZ) -- IBM Model M 1391403 (German QWERTZ) * 2 -- IBM Model M Ambra -- Black IBM Model M M13 -- IBM Model M 1391401 -- IBM Model M 139? ? ? *2 -- Dell AT102W -- Ergo (split) SmartBoard (white ALPS apparently)

Offline TacticalCoder

  • Posts: 526
« Reply #7 on: Sat, 05 November 2011, 10:02:25 »
Quote from: laffindude;446150
Linux isn't immune to Java exploits.


Well the nice thing about Java on Linux (and this comes from someone mainly developing in Java atm) is that you're not forced to be root to install Java.  Which means you can install, for example, Java in your "development account" if you want to develop in Java and install no Java at all in the account you use for surfing.

I'm typing this from Google-Chrome running in a VM, from a user account that doesn't have Java installed: this surely makes me immune to Java exploits (not that there aren't other types of exploits, like Flash or JavaScript : )

Offline laffindude

  • Posts: 1521
  • ( ̽ ¬ ˳¬)
« Reply #8 on: Sat, 05 November 2011, 10:40:27 »
Well, there ya go. Good practices > trusting any OS to do it for you.

Offline laffindude

  • Posts: 1521
  • ( ̽ ¬ ˳¬)
« Reply #9 on: Sat, 05 November 2011, 11:13:30 »
Maybe you getting banned again will drive view count up once more. Get on it. ;)

Offline bloodygood

  • Posts: 310
« Reply #10 on: Sat, 05 November 2011, 11:49:03 »
I always take my security very seriously. I am careful of every website I go to but I am not overcautious. Those people who get their OS infected are not careful or did not have proper precautions. I have backed up files on another hard disc, and my main OS is installed in a small partition that would be very easy to re-write over. So no I am not just trusting the operating system to do it all for me. I just do not need to worry because of years of experience backing up my choices has prepared me for anything.

Offline mmmty

  • Posts: 880
  • Location: USofA
  • bang! bang!
« Reply #11 on: Sat, 05 November 2011, 12:09:29 »
I thought ripster broke it again. I'm in [sandboxie] so nothing gets out.
Keyboardless

Offline file_id

  • Posts: 85
« Reply #12 on: Sat, 05 November 2011, 12:20:20 »
Here is what google is saying. I don't know how much of that would affect a Mac though.

Safe Browsing
Diagnostic page for geekhack.org

What is the current listing status for geekhack.org?
Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?
Of the 9 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2011-11-05, and the last time suspicious content was found on this site was on 2011-11-05.
Malicious software is hosted on 1 domain(s), including 91.194.214.0/.

This site was hosted on 1 network(s) including AS30691 (LLDC).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, geekhack.org did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.

How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.
DS3 White YOTS (Blue)|Poker 2 (Blue,Clear)|QFR Rapid-i TKL (Brown,Blue)|QFR Rapid TKL (Blue,Red,Brown)|KBP V60 (Blue,Clear,Matias Click)|Code TKL Clear|Filco MJ2 TKL (Blue)|Filco MJ2 Ninja Beige TKL (Brown)|Novatouch

Offline czarek

  • Posts: 627
  • Location: Poland
  • Keep the momentum going!
    • FalbaTech
« Reply #13 on: Sat, 05 November 2011, 15:09:45 »
LOL be a real geekhacker and remove your antivirus!
My little ErgoDox / GH60 factory: http://falbatech.pl

Offline Gerk

  • Posts: 448
« Reply #14 on: Sat, 05 November 2011, 18:45:46 »
Google "safe browsing" is trying to actively block the site now too ... every single page load in OSX Lion ends up with this dialog (and requires you to click through two dialogs to be able to open any page):

Rosewill RK-9000RE (reds) | Das Keyboard Model S Professional Silent (browns) | Leopold TKL (browns) | F21-7D "Mechanical Keyboard" (Blue Alps) | Filco Majestouch TKL (blues) | Goldtouch V2 x 2 | Matias Ergo Pro x 2 | Kinesis Freestyle Pro (browns) | Kinesis Freestyle Edge (reds)

Offline Gerk

  • Posts: 448
« Reply #15 on: Sat, 05 November 2011, 18:48:39 »
It's probably a compromise thanks to another domain on the same hosting server ... see this report for more info -- it says that the IP based site has infected 229 other domains (and the google report on geekhack says it was likely infected by that IP based site).  Sounds like the hosting company needs to pull their security socks up.

http://google.com/safebrowsing/diagnostic?site=91.194.214.0/&hl=en-us

Offline reaper

  • ** Moderator Emeritus
  • Posts: 3067
« Reply #16 on: Sat, 05 November 2011, 18:50:59 »
Both McAfee's SiteAdvisor & Norton's SafeWeb reported no problem with GH.

Offline Gerk

  • Posts: 448
« Reply #17 on: Sat, 05 November 2011, 19:16:09 »
Google won't even let me click through geekhack links in search results now either.

Either google is wrong or those other two sites are wrong.  I tend to trust google more.

Offline iMav

  • geekhack creator/founder
  • Location: Valley City, ND
  • "Your tools matter."
« Reply #18 on: Sat, 05 November 2011, 21:50:43 »
Rogue javascript removed and security hole patched.

Offline laffindude

  • Posts: 1521
  • ( ̽ ¬ ˳¬)
« Reply #19 on: Sat, 05 November 2011, 21:52:14 »
<3 iMav

Offline shawn o

  • Posts: 443
  • Location: Minneapolis, MN
« Reply #20 on: Sat, 05 November 2011, 21:57:40 »
Still can't access site at all with Firefox and when using IE 9 I get an alert and trojan with Microsoft Security Essentials....


Offline iMav

  • geekhack creator/founder
  • Location: Valley City, ND
  • "Your tools matter."
« Reply #21 on: Sat, 05 November 2011, 22:00:39 »
It will take a while for the reputation to be updated...and you are looking at your history tab on the anti-virus/malware; doesn't appear to be happening again.

Offline Gerk

  • Posts: 448
« Reply #22 on: Sat, 05 November 2011, 22:22:39 »
Quote from: iMav;446461
Rogue javascript removed and security hole patched.


Thanks :)

Offline TacticalCoder

  • Posts: 526
« Reply #23 on: Sun, 06 November 2011, 07:58:02 »
Quote from: iMav;446461
Rogue javascript removed and security hole patched.


Out of curiosity and now that it has been patched, could you give us more info? (maybe a link describing the exploit?)

How did you find that it was that particular exploit?  Was it Google telling you about it? (I'm asking because I own two websites : )

Offline flyball

  • Posts: 258
« Reply #24 on: Sun, 06 November 2011, 08:06:50 »
Quote from: TacticalCoder;446627
Out of curiosity and now that it has been patched, could you give us more info? (maybe a link describing the exploit?)

How did you find that it was that particular exploit?  Was it Google telling you about it? (I'm asking because I own two websites : )
https://www.vbulletin.com/forum/showthread.php/390631-vBulletin-Security-Patch-for-vBulletin-4-Suite-Only-11-04-2011

Offline laffindude

  • Posts: 1521
  • ( ̽ ¬ ˳¬)
« Reply #25 on: Sun, 06 November 2011, 08:15:05 »
The malware part seems like standard XSS stuff. MS calls it Blacole.s. Not much info about it now, but I think it's just another javascript>iframe>Java exploit.
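
Added example, not part of the thread and not Geekhack's or vBulletin's code: a site-owner audit of served HTML for the kind of injected script/iframe chain discussed above, flagging active content loaded from a bare IP address or from a host outside an allowlist. The allowlist, host names, finding labels and sample page are assumptions constructed for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: hosts this site is expected to load active content from.
ALLOWED_HOSTS = {"cdn.forum.example"}

class ActiveContentAudit(HTMLParser):
    """Flag <script>/<iframe> sources and inline scripts worth a manual look."""
    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed, self.findings, self._inline = allowed_hosts, [], False

    def handle_starttag(self, tag, attrs):
        if tag not in ("script", "iframe"):
            return
        src = dict(attrs).get("src")
        if tag == "script":
            self._inline = not src          # <script> with no src is inline code
        host = urlparse(src).hostname if src else None
        if host is None:                    # inline or relative URL (same origin)
            return
        try:
            ipaddress.ip_address(host)      # raises ValueError for DNS names
            self.findings.append(("ip-literal-host", tag, src))
        except ValueError:
            if host not in self.allowed:
                self.findings.append(("unlisted-host", tag, src))

    def handle_endtag(self, tag):
        if tag == "script":
            self._inline = False

    def handle_data(self, data):
        # Inline script that writes a frame into the page at load time.
        if self._inline and "<iframe" in data.lower():
            self.findings.append(("inline-script-writes-iframe", "script", None))

def audit(html, allowed_hosts=ALLOWED_HOSTS):
    parser = ActiveContentAudit(allowed_hosts)
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page (documentation-range addresses, not from the thread).
SAMPLE = """<head><script src="/clientscript/forum.js"></script>
<script src="https://cdn.forum.example/lib.js"></script>
<script src="http://192.0.2.10/in.js"></script></head>
<body><iframe src="http://unlisted.example/f.html"></iframe>
<script>document.write('<iframe src="//192.0.2.10/x"></iframe>');</script></body>"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Running it against pages as fetched by a logged-out client, and diffing findings between runs, catches injections that only appear in rendered templates rather than in files on disk.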