Potential malware or malicious ads

[RossK]

Just want to alert the admins that under some circumstances, some pages of the forum are redirecting to malware pages.

For example, while browing this thread, without clicking anything (I was just reading), my browser forwarded me to the below page. It does however appear to be infrequent and random, and could be caused by an advert on the page that is serving up a malicious javascript. These things are quite hard to track down, unfortuantely - as they may only trigger under certain conditions (date, time, location of user, etc) - but just wanted to bring it to your attention.

See https://www.sitelock.com/blog/prevent-url-redirect-attacks/ under the heading "How to spot a URL redirection vulnerability".

 

[RossK]

I am seeing some suspicious javascript towards the bottom of the page source code of some forum pages... Particularly the last line in the below. That domain 'onclck' appears to have a high risk score according to DomainTools and was only registered/created 16 days ago. I'm afraid to say the forums have highly likely been infected with malware.

<script type="text/javascript">
var vglnk = {key: '00b5bd2c76e9aae8d89a91cb711b0736'};
(function(d, t) {var s = d.createElement(t);
s.type = 'text/javascript';s.async = true;
s.src = '//clickcdn.sovrn.com/api/sovrncm.js';
var r = d.getElementsByTagName(t)[0];
r.parentNode.insertBefore(s, r);
}(document, 'script'));
</script>

<script async src="//onclck.net/o.js?uid=fb169bd1ed097b5b20e9f1cb" type="text/javascript"></script>

 

[WebmasterCorey]

The boards are not infected. I placed that javascript there as part of a test.