Nav_image
Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image
Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image
Nav_image
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Bitcoin mining and other issues.

  1. #1
    Enname's Avatar
    Join Date: 06.04.16
    Location: Dis.
    Posts: 855
    Rank: Crimson Soil

    Default Bitcoin mining and other issues.

    This should probably be here.

    From Golden Eel up in General Discussion:





    The PM main site and the forum are both serving scripts to users from these URLs:

    deluxe (dot) script (dot) ag/tag.js#site=0M6ZVb2
    mwor (dot) gq/ioefjjei
    wordc (dot) ga/iillioid
    Further info:

    https://www.virustotal.com/#/url/1d0...1d4f/detection
    https://www.virustotal.com/#/url/6ff...c8d3/detection
    https://www.virustotal.com/#/url/5c8...fc0e/detection

    https://urlscan.io/result/d280a57d-0...99572e#summary
    https://urlscan.io/result/ac03de5d-0...ade928#summary
    https://urlscan.io/result/9325b17d-c...5cc99/#summary
    So this should probably be addressed.

    (P.S. why does the site still not have https certification? It is quickly becoming not optional. Chrome already notifies the user that the site isn't safe based on that alone, so it's even worse that vBulletin seems to be filled with these gaping exploits.)
    Quid ignorantia sit multi ignorant.

  2. #2
    speed bump mannequin Golden Eel's Avatar
    Join Date: 06.20.09
    Location: Boy's Club
    Posts: 3,371
    Rank: 15 Gauge

    Default

    It should be here but I purposely put it in General Discussion so people at least have a chance to see it. My thread's been up for 20 hours so I'm not sure why no staff have commented. I understand it might take some time for Cringeon to fix, but just letting these resources hang out and run unfettered on every visitor's computer throughout whatever behind the scenes troubleshooting process is a really uncool way to go about it.

    Seems like the only reasonable options are either shut the site off until it's fixed or force a big blinking sign that tells people that, for the time being, Provider Module is being run in tandem with unknown Slavic hackers.


    and with just one faint glance back into the sea
    the mollusk lingers with its wandering eye
      
      

  3. #3
    Administrator
    "Captain Aids"
    Norsefire's Avatar
    Join Date: 06.19.09
    Location: UK
    Posts: 5,614
    Rank: Stigmartyr

    Default

    It must be something tied with the forum again because the reported pages all have forum feeds on them as well.
    It isn’t going ignored btw.

  4. #4
    The Pale Scion Korpz's Avatar
    Join Date: 08.26.10
    Posts: 577
    Rank: Crimson Soil

    Default

    I get this when clicking the forum link from the main page:
    .
    https://freesoftwarestation.com/camp...2=459351556617
    .
    It also spawns when perusing eh forums, No other sites giving me issues and it being flagged as:
    .
    -Log Details-
    Protection Event Date: 3/8/18
    Protection Event Time: 8:29 PM
    .
    -Exploit Details-
    File: 0
    (No malicious items detected)
    .
    Exploit: 1
    Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0
    .
    -Exploit Data-
    Affected Application: Internet Explorer (and add-ons)
    Protection Layer: Application Hardening
    Protection Technique: Attempt to execute VBScript blocked
    File Name: C:\Windows\SysWOW64\vbscript.dll
    URL:
    .
    (end)
    "And We Will Sleep on the Skin of Its Nightmares..."

  5. #5
    Administrator
    IN gOD WE TRUST
    Cringeon's Avatar
    Join Date: 06.20.09
    Location: SLUT
    Posts: 5,072
    Rank: Golden Needle

    Default

    I'm still working this (including a server move which will result in some downtime). Are people still getting the pop ups either desktop or mobile? Try a cache clear if you are, and if you still get them please report here. Thanks.

  6. #6
    The Pale Scion Korpz's Avatar
    Join Date: 08.26.10
    Posts: 577
    Rank: Crimson Soil

    Default

    Its there for me using IE when entering the PM from the main website: http://www.providermodule.com/ and clicking on any of the Banner Links.
    "And We Will Sleep on the Skin of Its Nightmares..."

  7. #7
    Vertigo's Avatar
    Join Date: 09.26.14
    Posts: 728
    Rank: Crimson Soil

    Default

    Cringeon, I'll get the following information when I visit the PM website:

    Web Attack: Malevertisement Website Redirect 17

    Attacker: cloudfront.net

  8. #8
    Administrator
    Unkillable Party Monster
    S.D.'s Avatar
    Join Date: 06.19.09
    Location: Inkland
    Posts: 3,401
    Rank: 15 Gauge

    Default

    McDonalds Trump might not be able to sort out the Russians, but Provider Module can.
    "the Serpent was more crafty than any beast of the field which
    the LORD god had made
    "

    m e m e n t o m o r i . p o s t m o r t e m


  9. #9
    Administrator
    IN gOD WE TRUST
    Cringeon's Avatar
    Join Date: 06.20.09
    Location: SLUT
    Posts: 5,072
    Rank: Golden Needle

    Default

    For those curious, we have shifted to another server which is running updated versions of PHP and MYSQL which are the backbone of the forum. Vbulletin (the forum software) has also been upgraded which should plug some security flaws that led to the script issue both on the forum and on the front page of the site. There may be a few things here and there left to be fixed from the upgrade, but as of now things are reporting clean. Thanks for your patience.

  10. #10
    Enname's Avatar
    Join Date: 06.04.16
    Location: Dis.
    Posts: 855
    Rank: Crimson Soil

    Default

    Always curious and thanks for the sheer effort put in to sort this out.


    A few bits I've noticed:
    The like button is not showing
    I am having trouble getting instagram embedding to work (and I swear it is not me being incompetent!)
    Quid ignorantia sit multi ignorant.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

NEWS | TOUR | BIOGRAPHIES | DISCOGRAPHY | VIDEOGRAPHY | GALLERY | MEDIA & INTERVIEWS
MANSON'S JOURNAL | ESSAYS & ANALYSIS | TIMELINE | FORUM | THEATRE | INFORMATION & LINKS