We have Russian Google account hijackers...

Post Reply New Topic

Here's the string our latest popup points at; at a guess this funnels Google Oauth login data to somewhere in Russia. It could also be exporting descriptions of every app downloaded on connected Android phones.

Sorry Alex but these things must go up when emails get ignored. I'm sure CloudFlare will take some accountability but to stay safe I recommend everyone use browsers with good popup blocking - top of my list is Firefox or Opera

http://www.youtube.com.channel.uc7hrp.--o1aty.xns87hpar.пчя.ocno7aqy.рф.ig.u4rp66hh75rocnuxn.feo4aig.--o1aqy.ить.рф/1au4a.xn--p1ai--1ai.o1aqry.xn--p1.ds2ai.myaccount.google.com/imgres/imgurl/?imgurl=https%3A%2F%2Flh3.googleusercontent.com%2FNed_Tu_ge6GgJZ_lIO_5mieIEmjDpq9kfgD05wapmvzcInvT4qQMxhxq_hEazf8ZsqA%3D3300&imgrefurl=https%3A3F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3F3d%3Dcom.google.androod.youtube%26hl%33Dru&docod=vGdPBuKpiSuZ4M&tbnod=EpkcoX__82qDrM%3A&vet=10ahUKEwjpl4-ilaDZAhXEtRQ33etXBn8QMwg9KAEwAQ..i&w=300&h=300&bih=789&biw=1600&q=aqy.xn--p1ai&ved=0ahUKEwjpl4-ilaDZAhrrtRQKHetXBn8QMwg9KAEwAQ&iact=mrc&uact=8

_________________
"Standing on a well-chilled cinder, we see the fading of the suns, and try to recall the vanished brilliance of the origin of the worlds."
-Georges Lemaitre
"I fly through hyperspace, in my green computer interface"
-Gem Tos

I was so disappointed that the link didn't work , I made it work then instantly regretted it

I swear if there was a big red button that said don't press , I would press it when no one was looking

The link is probably written to exploit specific browsers or devices. My guess would be Chrome, possibly IE.

_________________
"Standing on a well-chilled cinder, we see the fading of the suns, and try to recall the vanished brilliance of the origin of the worlds."
-Georges Lemaitre
"I fly through hyperspace, in my green computer interface"
-Gem Tos

Sorry for bumping this, but I think the site still has this issue.
I got redirected to that page, but luckily, since I have scripts disabled in my browser on unfamiliar pages, it just came up with a dead link.
At first I got scared and thought it was an issue on my end (e.g. a redirecting malware)!
So relieved when I found out it's just this site on Chrome...

I will reset all my Google passwords as a safety precaution though. Until this issue is fixed I will not use this site again.

From what I can tell there's not too much to worry about, it could just be an advertising click farm too.

_________________
"Standing on a well-chilled cinder, we see the fading of the suns, and try to recall the vanished brilliance of the origin of the worlds."
-Georges Lemaitre
"I fly through hyperspace, in my green computer interface"
-Gem Tos

Yeah I have uBlock Origin on Chrome and it just opens a dead link when I come to the Forums or Log In

Might be a good idea to have a Pihole running as well for extra security for you other Users

(Tons of Guides on how to set it up online, can be used on a Raspberry Pi or in a VM (Virtual Machine))

Also for the older folks, perhaps get someone else to do it as I know stuff like Pihole (and Linux itself) can be a pain in the ass to set up and get frustrated over easily

Hello, this issue is still happening. I couldn't browse with Chromium today because it keeps trying to redirect me to that stupid Russian YouTube page. Looks like the admins don't even give a f**k about the security of this site.

Told you so.

To everyone throwing negativity at tech problems: stuff breaks, everything is hack-able, it never stops so CHILL OUT.

Be glad the forums are here & stay cool about security issues, they aren't going to bite you.

_________________
"Standing on a well-chilled cinder, we see the fading of the suns, and try to recall the vanished brilliance of the origin of the worlds."
-Georges Lemaitre
"I fly through hyperspace, in my green computer interface"
-Gem Tos

It's quite ridiculous how much this site gets targeted compared to other forums I've been on. I remember visiting WP about a year ago, there would frequently be a massive flood of posts from these Indian love scammers, to the point where they drown out the legit posts. Not sure if WP still has that problem.

For what it's worth we don't actually have admins as far as I know. That's all volunteers & consultants.

I wouldn't mind us having a real love guru but please nobody nominate Boo.

_________________
"Standing on a well-chilled cinder, we see the fading of the suns, and try to recall the vanished brilliance of the origin of the worlds."
-Georges Lemaitre
"I fly through hyperspace, in my green computer interface"
-Gem Tos

I'm glad we no longer get that spam, because that was annoying as hell.