Nordraw Posted January 18, 2016 Report Posted January 18, 2016 eb Attack: Mass Injection Website 19 Severity: High Anyone else getting this when they log on to "toosinaction" website? This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening. DescriptionThis signature detects hidden scripts injected in compromised websites, which upon visiting redirects the user to exploit kit hosted sites. Additional InformationThis is a detection for compromised websites with the injected script code. This is an attack where a malicious javascript is injected in large number of clean websites. Once compromised, it aims to use the websites to redirect its visitors to a Multiple Exploit Kit landing page without being aware of it. AffectedVarious WordPress sites Quote
DR99 Posted January 18, 2016 Report Posted January 18, 2016 I didn't see that but the TIA webpage is having a bunch of problems right now. Quote
DR99 Posted January 18, 2016 Report Posted January 18, 2016 Eric has had the tia page checked. If you still have this issue clear your cache for the TIA page. Quote
Nordraw Posted January 18, 2016 Author Report Posted January 18, 2016 Category: Intrusion PreventionDate & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description1/18/2016 2:43:46 PM,High,An intrusion attempt by www.professional-power-tool-guide.com was blocked.,Blocked,No Action Required,Web Attack: Mass Injection Website 19,No Action Required,No Action Required,"www.professional-power-tool-guide.com (208.86.159.144, 80)",professional-power-tool-guide.com/power-tool-forum/public/style_extra/sharelinks/Facebook.png,"RCW (192.168.1.4, 54880)",www.professional-power-tool-guide.com (208.86.159.144),"TCP, www-http"Network traffic from <b>professional-power-tool-guide.com/power-tool-forum/public/style_extra/sharelinks/Facebook.png</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>. Quote
unclebud Posted January 18, 2016 Report Posted January 18, 2016 I just sent Eric a screenshot of the problem I am having. My virus blocker won't let me open the website. I have to go through a link from an email I got when I signed up for the forum. Quote
Nordraw Posted January 19, 2016 Author Report Posted January 19, 2016 I have scanned my computer several times and cleared the cache as one person suggested and I still get a pop up on my "Norton" anti virus software every time that it blocked something "mass injection website 19" I can only access this site by going through google or Bing and typing tools in action forum. Still get the pop ups though. So it seems like this is not fixed. Quote
unclebud Posted January 19, 2016 Report Posted January 19, 2016 I am still having the same problems. I sent Eric another screenshot. Hopefully it will be fixed soon. Quote
WigWagWorkshop Posted January 22, 2016 Report Posted January 22, 2016 No issue on my Mac using Safari Quote
unclebud Posted January 22, 2016 Report Posted January 22, 2016 Everything is working fine now. Quote
BMack37 Posted January 23, 2016 Report Posted January 23, 2016 That is some scarry shit! Make sure you scan your computer by more then one anti virus program. I recommend Kaspersky Inter Security and Malwarebytes. Malwarebytes for scanning your computer. Ad-ons for Firefox for helping protect yourself, blocking ads and speeding up browsing: ublock origin and disconnect. Adblock plus used to be the go-to ad blocker but they sold to an undisclosed company that is allowing "safe ads" if they pay a fee. Also make sure you download the correct ublock program, the origin part is important, "ublock' isn't really supported/updated, ublock origin is updated when it needs to be. I never saw any of the website issues. I don't recall what ad-ons I use for Chrome. Quote
Nordraw Posted January 23, 2016 Author Report Posted January 23, 2016 Just an add on to this. I now do not see any pop ups and all seems to be well. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.