Porn bot may shut down InsideEVs temporarily

My Nissan Leaf Forum

Help Support My Nissan Leaf Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
DNAinaGoodWay

DNAinaGoodWay

Well-known member
Joined
Dec 17, 2012
Messages
2,774
Location
Central Massachusetts
If you've been there lately and gotten redirected to a porn site, youre not alone. Got this message from Jay. Just FYI:

"Sorry you got the redirect

Very aware of the issue...I think we are now entering day 6 atm. We have made several (unsuccessful) attempts at repairing the site through a couple different security firms. It is tricky because it only affects 1 in every 300 or so visits, and once you get it...it can't be immediately reproduced.

I'm going to be trouble shooting it next 48 hours...after that we will probably have to bring the site down for awhile and maybe move to a new host/start from scratch.

Thanks for reaching out and let us know,

Jay
InsideEVs
 
I reported redirect issues more than a month ago to insideEVs. Seems this malware is effecting many internet sites. I get unable to reach sites due to endless redirect often. I thought the issue was ad based malware. An internet site would have a hard time figuring that out, since it depends what add gets served from a third party.
 
Yeah, I've seen that a few times - mostly seems to affect browsing on mobile devices.

This looks like it:

http://blog.sucuri.net/2014/05/website-infections-malicious-redirect-to-porn-website-target-wordpress-and-joomla-users.html" onclick="window.open(this.href);return false;

Or it could be this older one:

http://blumenthals.com/blog/2013/05/02/linuxcdorked-a-nasty-new-apache-hack/" onclick="window.open(this.href);return false;
 
DanCar said:
I reported redirect issues more than a month ago to insideEVs. Seems this malware is effecting many internet sites. I get unable to reach sites due to endless redirect often. I thought the issue was ad based malware. An internet site would have a hard time figuring that out, since it depends what add gets served from a third party.
Click to expand...

This is a new (and funnier) varient I guess. This one actually first popped up last (week) Friday apparently I am told. Its a tuffie...not one we have been able to quash as of yet despite throwing a ton of resources at it (and 2 separate IT teams)

Jay
 
Can't you just disable ads temporarily? If that's where the redirect code is coming from (most likely) then just take it down until you find the ad that is doing it.
 
2k1Toaster said:
Can't you just disable ads temporarily? If that's where the redirect code is coming from (most likely) then just take it down until you find the ad that is doing it.
Click to expand...
+1.

BTW, I got the redirect for the first time yesterday to a porn site - normally I've been getting redirects to something about facebook apps.
 
I get redirected to a Facebook ad sever ranging from 1 in 5 to 1 in 10 times I click into an article. Super annoying. I thought it was supposed to do that as I guessed they used FB for ads. Haven't seen the porn site yet but I usually click back quickly when I realize I'm redirected.
 
I've had some conversations with Jay about it as well. It only happens to me about once every few days. The fact it happens so infrequently is what makes it a nightmare to troubleshoot. Anyone working in I.T. or automotive repair will tell you the easiest problems to fix are the ones that are easy to reproduce.
 
adric22 said:
Anyone working in I.T. or automotive repair will tell you the easiest problems to fix are the ones that are easy to reproduce.
Click to expand...
Just write automation to catch when it happens - just keep trying (programmatically once every second) until it happens. In 15 minutes they can catch it.
 
Just as an update.

Finally pinpointed the issue. We originally though we perhaps were hacked, took the site down/reloaded content/templates a couple times - not it. Then we though perhaps there was some bad ad code - not it.

In the end it was actually at the server host level and redirects were occurring from point of origin. This bug is now affecting 100s on the internet.

On the good news side, we now have a new server(s) spun up (which is actually faster/larger), and the problem is fixed...huZZah. If you go to the site now you may still see the old one until the 'internets' figures out to point to the new one. (You can tell because the old site is in 'read-only' mode...so you can interact/comment...and there is no post updating the problems/fix).

Just want to say thanks for everyone's patience, and help reaching out to us to aid in figuring out the problem.

Jay
InsideEVs
 
Statik said:
On the good news side, we now have a new server(s) spun up (which is actually faster/larger), and the problem is fixed...huZZah. If you go to the site now you may still see the old one until the 'internets' figures out to point to the new one. (You can tell because the old site is in 'read-only' mode...so you can interact/comment...and there is no post updating the problems/fix).
Click to expand...

I'm not sure about that.. I got sent to a scam page about 2 hours ago... Not sure which time zone you are in. So I hope that was the old server..
 
adric22 said:
Statik said:
On the good news side, we now have a new server(s) spun up (which is actually faster/larger), and the problem is fixed...huZZah. If you go to the site now you may still see the old one until the 'internets' figures out to point to the new one. (You can tell because the old site is in 'read-only' mode...so you can interact/comment...and there is no post updating the problems/fix).
Click to expand...

I'm not sure about that.. I got sent to a scam page about 2 hours ago... Not sure which time zone you are in. So I hope that was the old server..
Click to expand...

+1 - Just got redirected to FB - swing and a miss.
 

Similar threads

A
Tim DeChristopher Sentenced to Two Years
Replies
7
Views
2K
ERG4ALL
E

Latest posts

Back
Top