• Log in with Facebook Log in with Twitter Log In with Google      Sign In    
  • Create Account
  LongeCity
              Advocacy & Research for Unlimited Lifespans

Photo
- - - - -

advertising malware?

forum hacking android issues

  • Please log in to reply
32 replies to this topic

#1 BlueCloud

  • Guest
  • 540 posts
  • 96
  • Location:Europa

Posted 27 October 2013 - 03:25 PM


Ok, this is strange... A couple of weeks ago, I started having some weird issues everytime I check Longecity's forums on my iPad. Sometimes I try to open a thread, and Safari ( on iPad) immediately quits and launches the Appstore to take me to some same stupid game . Sometimes I can't even open the thread at all as it does that every single time, and had to get to my Mac to be able to read the thread. The first times I thought it was just some new ways to do ads on the forum, but I doubt it as I've never seen anything this aggressive.

Today , on my Mac using Safari, I clicked on a thread here to read it, and instead of opening it, it launched 5 or 6 windows including some porn sites .
This ONLY happens on Longecity's forums, and over the 3 years i had an iPad and used it every day to surf the web with Safari, i have NEVER seen anything like that , wich really lead me to think that the forum might been have hacked in some way or another...

Edited by caliban, 19 November 2013 - 12:15 AM.
title


#2 YOLF

  • Location:Delaware Delawhere, Delahere, Delathere!

Posted 27 October 2013 - 06:08 PM

Advertising... It doesn't want you to read longecity... it only wants you to buy the app! That's just advertising for you. It might be a sabatage ad too. A form of interbusiness terrorism. Maybe it doesn't want you to buy it?

#3 rwac

  • Member
  • 4,764 posts
  • 61
  • Location:Dimension X

Posted 27 October 2013 - 06:46 PM

Hmm, can you check if you're infected with some sort of malware or browser hijack?

Can you try a different browser, since both are safari?
How about a different ipad or mac?

Can you save a copy of the webpage and zip and upload it here when it does that?

Edited by rwac, 27 October 2013 - 07:09 PM.


#4 BlueCloud

  • Topic Starter
  • Guest
  • 540 posts
  • 96
  • Location:Europa

Posted 29 October 2013 - 10:55 AM

ok, this happened today again while checking the forum on my Mac. It launched a new window leading to a game, then while checking another thread it launched another window wich links leads this time to a "502 bad gateway" message. I've put both links on an attached text file to avoid posting them here. Hope this helps. It's really the first time I've seen something similar happen on the Mac or on the iPad. Will be checking from other browsers.

Attached Files



#5 rwac

  • Member
  • 4,764 posts
  • 61
  • Location:Dimension X

Posted 29 October 2013 - 11:19 AM

I just googled avazutracking and it seems like it's a browser hijack of some kind.

Did you install any suspicious programs (might be a download manager) recently?
It might be a browser addon like a toolbar or plugin or extension.

https://www.google.c...i avazutracking

Edited by rwac, 29 October 2013 - 11:20 AM.


#6 BlueCloud

  • Topic Starter
  • Guest
  • 540 posts
  • 96
  • Location:Europa

Posted 29 October 2013 - 11:23 AM

mmm... haven't downloaded anything suspicious on the Mac, didn't install any extensions recently on Safari for the mac.
Also Safari on the iPad doesn't even allow installation of any extensions or plugins at all. Don't even know how it could be hijacked...

#7 rwac

  • Member
  • 4,764 posts
  • 61
  • Location:Dimension X

Posted 29 October 2013 - 11:53 AM

You aren't using a free internet provider by any chance, are you?

Also, can you check to see if your homepage has been redirected?

Have you tried clearing your website data on the ipad?

settings>safari>advanced >website data

#8 BlueCloud

  • Topic Starter
  • Guest
  • 540 posts
  • 96
  • Location:Europa

Posted 29 October 2013 - 11:57 AM

Same (paying) internet provider at home for years.
Homepage still the same.
I just cleared all cookies and history both on iPad and Mac right now. I usually do it every couple of days. Maybe I forgot to do it on the iPad. I'll report if this happens again.

#9 BlueCloud

  • Topic Starter
  • Guest
  • 540 posts
  • 96
  • Location:Europa

Posted 29 October 2013 - 03:16 PM

well, despite clearing all cookies , it happened again while browsing the forum, and without even opening any thread, just while I was reading one. This time I saw three adserver names quickly redirecting to each other before landing on another dumb game : "adserverplus.com" leading to "mmotraffic" leading to "avazutracking" leading finally to a stupid mmo game wich i won't mention the name.

I'm excluding the possibility of the browser being compromised, or viruses, since this happens on the iPad ( non-jailbreaked) as well.
According to this website : http://www.thesafema.../ it's either my network being compromised ( if this doesn't happen when i'm using other networks), or the forum has really been injected with some malicious code.
I will test the forum on my iPad tomorrow on different networks outside home and see what happens.

#10 rwac

  • Member
  • 4,764 posts
  • 61
  • Location:Dimension X

Posted 29 October 2013 - 03:19 PM

Have you tried clearing your DNS cache?

#11 BlueCloud

  • Topic Starter
  • Guest
  • 540 posts
  • 96
  • Location:Europa

Posted 29 October 2013 - 03:26 PM

ok, i just cleared the DNS cache on the mac. (there's no way to do that on the ipad as far as I know except for "reset network settings" )

EDIT : lol, just after resetting the DNS and clearing the cache and cookies again on Safari, I got redirected again...
I'll try tomorrow from an outside internet connection.

EDIT 2 : also, this is unrelated but very hilarious coincidence, check what the link for this thread is "66666" :laugh:

Edited by BlueCloud, 29 October 2013 - 03:38 PM.


#12 BlueCloud

  • Topic Starter
  • Guest
  • 540 posts
  • 96
  • Location:Europa

Posted 31 October 2013 - 11:15 AM

So, I've been having this issue constantly and can't browse the forum for more than a couple of minutes without being redirected, but I think I've cornered the issue:

- It's not a malware or anything like that.

- Not a general issue with DNS being redirected , otherwise all my websurfing activities would be affected, however ONLY Longecity is affected by the issue and being redirected.

- It's not the forum being hacked, otherwise you would have lots of similar reports, and I seem to be the only one (?) reporting this.

- I found out that it's possible that an ad has been hacked and redirected. Since Longecity has two types of ads , ones that are placed by the admins, and others placed automatically by GoogleAds/Adchoices , it could one of the local ads that's being hacked. So I installed Adblocker in Safari ( on the Mac ), and blocked the ads ( the ones placed by Longecity still show up ). Surprise surprise : no more redirections. Been browsing for more than an hour with any issues.

EDIT : Actually I know now exactly wich ad it is. As soon as this one shows up ( and it shows up a LOT of times more than the others), boom : redirection to the same mmo games. Ironically, it's an ad for... an ad network ! Probably to demonstrate how efficient their unethical methods are..

Edited by BlueCloud, 31 October 2013 - 12:02 PM.


#13 niner

  • Guest
  • 16,276 posts
  • 1,999
  • Location:Philadelphia

Posted 31 October 2013 - 08:04 PM

I think google would like to know about this. You should send them an email report.

#14 YOLF

  • Location:Delaware Delawhere, Delahere, Delathere!

Posted 31 October 2013 - 11:23 PM

You can also clear out Java and Flash data... not sure how to do it on a mac though, but it can help.

#15 Luminosity

  • Guest
  • 2,000 posts
  • 646
  • Location:Gaia

Posted 02 November 2013 - 06:09 AM

There were a lot of weird things happening on Sunday. It seemed like a security issue.

#16 hamishm00

  • Guest
  • 1,053 posts
  • 94
  • Location:United Arab Emirates

Posted 09 November 2013 - 05:24 AM

This forum keeps uploading adware onto my phone. It just did it now while I was writing this post. I also get diverted to other nonsense sites that insist I should be working from home. Apk files called 'mobogenie' get auto installed on my phone. Every time I visit I pretty much have to run antiviral software and also run a search for the app to delete it.

I also now get popup screens randomly when I am in other apps.

I know I am getting this because my registration lapsed and now of course I get spammed. Won't be re - registering on principle until this is fixed.

Edited by hamishm00, 09 November 2013 - 05:28 AM.


#17 hamishm00

  • Guest
  • 1,053 posts
  • 94
  • Location:United Arab Emirates

Posted 09 November 2013 - 12:59 PM

Yup, I'm getting diverted to work at home sites on the PC and on the android it auto uploads apps onto my phone as well as forces popups onto my screen - only happens when I am on longecity, no other websites.

#18 maxwatt

  • Guest, Moderator LeadNavigator
  • 4,949 posts
  • 1,625
  • Location:New York

Posted 09 November 2013 - 02:10 PM

Are you on Safari too? Try downloading Firefox and/or Chrome. They have some anti-malware/addware built in. But it wounds like maybe a malicious add exploit.

#19 Layberinthius

  • Guest
  • 298 posts
  • 26
  • Location:Cyberspace

Posted 09 November 2013 - 11:00 PM

I suspect that this forum is being monitored anyway. Just some weird shit about the malicious code that quirks my interest.

Also nasty shit that appears in my firewall logs after I joined here.

It could be anti-longevity proponents trying to attack and identify in real life the users of this forum, or it could be government resistance.

Frankly I think this forum software needs to be more resilient by simplifying everything. But I know that suggestion will fall on deaf ears.

I would suggest to everyone who uses this forum to use the firefox/chrome plugin "https everywhere" bare minimum. https://www.eff.org/https-everywhere

And to install a suitable software firewall.

Zonealarm for Windows 7/8
and Sygate Personal Firewall for Windows XP.

And to setup ufw rules if they are using ubuntu.

I would also suggest that if your privacy is your primary concern to get a proxy, NOT from a company like hidemyass (they WORK for the government) but something like ipredator.

Its kind of ironic that this thread's index in the url above contains the numbers "66666", I'm not a religious man but that still kinda freaks me out a bit. lol

Edited by Layberinthius, 09 November 2013 - 11:14 PM.


#20 caliban

  • Admin, Advisor, Director
  • 9,154 posts
  • 587
  • Location:UK

Posted 10 November 2013 - 12:09 AM

Let me just clarify:

1) there is no evidence that LongeCity has been 'hacked' - your personal data as far as we know (it seems difficult to tell with governments getting involved in spying over the internet) is safe.

2) As has been mentioned in the newsletter and in this forum, we have troubles with out database recently. We are still trying to isolate the problem but while it persists, the site might crash more often. As far as we know this is an internal problem not the result of some 'hacking' attack but we will continue to investigate the issue until a solution has been found.

3) Blue Cloud has identified a malicious and annoying advertisement that is being served to LongeCity by an external network. Obviously, we didn't invite this to happen and have no control over it as such, but if you could just provide a bit more information, we can try to block that ad from being served to LongeCity again.


#21 niner

  • Guest
  • 16,276 posts
  • 1,999
  • Location:Philadelphia

Posted 10 November 2013 - 02:46 AM

This is the second report like this. Sounds like we have a problem. Is this some bad ad that's not under our control?

#22 BlueCloud

  • Topic Starter
  • Guest
  • 540 posts
  • 96
  • Location:Europa

Posted 10 November 2013 - 01:04 PM

@ Layberinthius : nah, no need to look that far. The Wild Wild Web has always been hammered everyday by sore losers ( hackers) who need to make other people's lives miserable , to compensate for their small penises :-D . Also It has become an ideal way to make money through hacking, extorsion, identitiy theft etc, it less risky than robbing their local supermarket.

- It's not a Safari issue, Hamishm00 is reporting the same issues on his Android phone, and there's no Safari for it.

@ Caliban : Yes , I've cornered it to exactly one ad , as soon as it appears, boom. Curiously, since a few days, the space ( in the right low corner of the forum, out of the three ads that populate that area ) where it usually appears is now empty, yet I can still see the link to it. I don't know why it only appears on Longecity, maybe the forum has grown in popularity and looks like a nice target now for them.
Caliban , would you like me to post the details about that ad here, or do you prefer to have it on PM ?

#23 Layberinthius

  • Guest
  • 298 posts
  • 26
  • Location:Cyberspace

Posted 11 November 2013 - 04:02 AM

@ Layberinthius : nah, no need to look that far. The Wild Wild Web has always been hammered everyday by sore losers ( hackers) who need to make other people's lives miserable , to compensate for their small penises :-D . Also It has become an ideal way to make money through hacking, extorsion, identitiy theft etc, it less risky than robbing their local supermarket.

- It's not a Safari issue, Hamishm00 is reporting the same issues on his Android phone, and there's no Safari for it.


Tell that to slashdot:
http://news.slashdot...o-serve-malware

:)

#24 hamishm00

  • Guest
  • 1,053 posts
  • 94
  • Location:United Arab Emirates

Posted 11 November 2013 - 04:27 AM

I am running Firefox on both Android and Pc.

I have taken a photo of the popup on android and will take one that pops up on Firefox. Can I send them to an email address?

Just to confirm, this is the only side I visit where this happens, so it's fairly sage to say it's a Longecity problem.

I just got diverted on the Android to http://seth.avazutra...&vurl=1731_1925

That site then auto uploads malware or aware called mobogenie1503.apk on the Android.

#25 Layberinthius

  • Guest
  • 298 posts
  • 26
  • Location:Cyberspace

Posted 11 November 2013 - 05:05 AM

You can upload the photos to: http://www.imgur.com

Or to: http://postimage.org/

and then copy and paste the links to this thread if you like.

#26 niner

  • Guest
  • 16,276 posts
  • 1,999
  • Location:Philadelphia

Posted 11 November 2013 - 08:03 PM

@ Layberinthius : nah, no need to look that far. The Wild Wild Web has always been hammered everyday by sore losers ( hackers) who need to make other people's lives miserable , to compensate for their small penises :-D . Also It has become an ideal way to make money through hacking, extorsion, identitiy theft etc, it less risky than robbing their local supermarket.

- It's not a Safari issue, Hamishm00 is reporting the same issues on his Android phone, and there's no Safari for it.


Tell that to slashdot:
http://news.slashdot...o-serve-malware

:)


I'm pretty sure that neither NSA nor GCHQ have any interest in sending Longecity readers to a scummy adware site. It's not that they couldn't hack us if they really wanted to, but it's delusional to think that we are important enough / dangerous enough for them to bother with.

I don't know if it works for registered users or not, but members can certainly upload images directly without going through a separate storage site. You just use the "Attach Files" button.

#27 Layberinthius

  • Guest
  • 298 posts
  • 26
  • Location:Cyberspace

Posted 11 November 2013 - 11:57 PM

I don't know if it works for registered users or not, but members can certainly upload images directly without going through a separate storage site. You just use the "Attach Files" button.


I was thinking of the future longevity of the server.

Its probably a good idea to not do that in the long run, this website is dedicated to people who wish to live forever, that kind of database is gonna get pretty large, and I'm sure the server will most likely struggle just to seek and access billions of pages of text.

Increasing the cost of hosting to the owner.

However image links go dead, so if the images are important (ie a part of research strategys) then use the attach file feature, if the images are however not important, then use a external image hosting.

Thats my strategy anyway.

Edited by Layberinthius, 11 November 2013 - 11:58 PM.


#28 Luminosity

  • Guest
  • 2,000 posts
  • 646
  • Location:Gaia

Posted 12 November 2013 - 05:52 AM

I'm not aware that Niner is the final authority on what is or what isn't delusional. There are more things in heaven and earth . . .

#29 JBForrester

  • Guest
  • 350 posts
  • 147
  • Location:Auckland, NZ

Posted 13 November 2013 - 06:31 AM

Hamishm, what antivirus app are you using for your phone? I need to get one asap... My phone has also been acting up ever since I started visiting this site on it...

#30 hamishm00

  • Guest
  • 1,053 posts
  • 94
  • Location:United Arab Emirates

Posted 18 November 2013 - 04:26 AM

What's for sure is that this forum has infected my phone. Going for a full reinstall





Also tagged with one or more of these keywords: forum, hacking, android issues

8 user(s) are reading this topic

0 members, 8 guests, 0 anonymous users