Members Coaster Posted September 9, 2011 Members Share Posted September 9, 2011 ok, so along with the back button issue i keep getting hung up on www.alltagcloud.info for minutes when loading this site. i did some investigating in my logs and it appears harmony central is employing www.alltagcloud.info as well as something called "webcam bait" and a host of other items that sound less than scrupulous. i'll add all these items to peerblocker along with the currently existing host of others this forum attempts to load, but really unless harmony central has been hacked by malware then i am quite disappointed that this site would choose to employ such trashy measures. i eagerly await an official response, but rather i am sure i will be met with a host of finger pointing and name calling about conspiracy theories instead. its quite easy to see what sites attempt to load, and some of it is quite appalling. Link to comment Share on other sites More sharing options...
Members Philter Posted September 9, 2011 Members Share Posted September 9, 2011 I got hung on alltagcloud.info myself (couldn't get harmony central to load because of it), so I dropped the entire domain into adblock. Farewell, whatever it was. Link to comment Share on other sites More sharing options...
Members stomias Posted September 9, 2011 Members Share Posted September 9, 2011 encountered this too this AM.............. WTF Link to comment Share on other sites More sharing options...
Members Anderton Posted September 9, 2011 Members Share Posted September 9, 2011 Yes, Jon Chappell noticed this too, and has alerted the IT people to find out what's going on. It's news to us. FWIW we have been DELUGED by spam posts. You don't see them because they enter the queue as moderated posts, meaning they've already been flagged by others as spam. For example, I just killed about 40 of them in the Yamaha stage piano pro review - they've been hitting the pro reviews particularly hard. Maybe there's a correlation. Link to comment Share on other sites More sharing options...
Members Coaster Posted September 10, 2011 Author Members Share Posted September 10, 2011 it doesnt seem to be doing it anymore at least right now. i am thrilled that HC did not do this intentionally. it is too bad there are people that do these things in this world, i guess there will always be selfish people who put themselves before others and make poor choices. Link to comment Share on other sites More sharing options...
CMS Author MikeRivers Posted September 10, 2011 CMS Author Share Posted September 10, 2011 Huh? What are you guys talking about? I know what spam is, but what's this alltagcloud.info and webcam bait? I haven't noticed any recent changes in the way I read and post here. Link to comment Share on other sites More sharing options...
Members blue2blue Posted September 10, 2011 Members Share Posted September 10, 2011 Huh? What are you guys talking about? I know what spam is, but what's this alltagcloud.info and webcam bait? I haven't noticed any recent changes in the way I read and post here.Yeah... I hadn't had any problems when I saw this post and investigated a little farther (there's another post in the amp forum, I think, on the same topic) but not long after, I did have all my attempts to access HC hang for a brief period. I have no idea if the call in the page code to a php script on that alltagcloud.info server is a normal part of this BB code implementation or if it was the result of a SQL injection or other hack, but I have certainly heard of malware hacks that have calls to scripts on offsite servers with 'innocent' sounding names like icons.php. (I also posted in the HC 'back office' forum about this topic so the PTB should be in the loop.) Link to comment Share on other sites More sharing options...
Members Jon Chappell Posted September 11, 2011 Members Share Posted September 11, 2011 (I also posted in the HC 'back office' forum about this topic so the PTB should be in the loop.) We are investigating as we speak--checking the logs, etc. We have had an inordinate amount of spam coming in lately, and we don't know if this unusual behavior was related (and malicious) or not yet. But though the problem has apparently ceased, we are still tracing it. Link to comment Share on other sites More sharing options...
Members Jeff da Weasel Posted September 11, 2011 Members Share Posted September 11, 2011 Huh? What are you guys talking about? I know what spam is, but what's this alltagcloud.info and webcam bait? I haven't noticed any recent changes in the way I read and post here. Mike, after you load a page here, take a look at your Activity window in your browser. These are bits of code that are coming in with each page view. Hard to know exactly what they're doing. Link to comment Share on other sites More sharing options...
Members blue2blue Posted September 12, 2011 Members Share Posted September 12, 2011 DO NOT go to the URL in that snippet of code. Link to comment Share on other sites More sharing options...
Members Coaster Posted September 12, 2011 Author Members Share Posted September 12, 2011 DO NOT go to the URL in that snippet of code. oh that makes me really want to go there . did you go there? Link to comment Share on other sites More sharing options...
CMS Author MikeRivers Posted September 12, 2011 CMS Author Share Posted September 12, 2011 Mike, after you load a page here, take a look at your Activity window in your browser. These are bits of code that are coming in with each page view. Hard to know exactly what they're doing. You're way ahead of me. I didn't know my browser (Firefox) even had an Activity window. Is that the progress bar at the bottom of the browser window that indicates when there's data still being loaded? I occasionally see that light up after I see enough of the page to start reading, but I just figured that was dynamic or animated ads doing their thing. I've never been aware that there was any code or links that I could see there. Guess I'll just keep my head in the sand about this one. Link to comment Share on other sites More sharing options...
Members blue2blue Posted September 12, 2011 Members Share Posted September 12, 2011 oh that makes me really want to go there . did you go there? Yes, I did, and, though I didn't stick around any longer than enough to figure out its a traditional malware vector (pron), I did run a malware scan after I got done. (Clean. But I'm all patched up and my security is notched up pretty good. I didn't expect anything. Others might not be so lucky.) Anyhow, suffice it to say, that it's a bit of code that has no place in this BB. I've further updated the powers that be on its nature. Link to comment Share on other sites More sharing options...
Members blue2blue Posted September 12, 2011 Members Share Posted September 12, 2011 You're way ahead of me. I didn't know my browser (Firefox) even had an Activity window. Is that the progress bar at the bottom of the browser window that indicates when there's data still being loaded? I occasionally see that light up after I see enough of the page to start reading, but I just figured that was dynamic or animated ads doing their thing. I've never been aware that there was any code or links that I could see there. Guess I'll just keep my head in the sand about this one.Don't feel bad on that one, Mike. I didn't either. And I scoured Firefox, Chrome, and Safari. There is a 'media' window in the FF CP interface that shows various media components that load with a page, and similar features in the others, I think. Maybe the weasly one is running a diagnostic plugin? Link to comment Share on other sites More sharing options...
Members Jeff da Weasel Posted September 12, 2011 Members Share Posted September 12, 2011 Guess I'll just keep my head in the sand about this one. It's probably nothing you need be concerned with, Mike. Coaster did the right thing in letting the admins know, and they're on it. The long story short & simple: a web page is a bunch of code that gets interpreted by your browser to display in some graphic format you can see on your screen. However, there can be other sections of code that you do not see doing various things. Mostly it's good stuff, like allowing a menu to drop down so you can navigate around a site. But sometimes, it's malicious code that does things like tracking your movements around the Internet away from the site you're on, or trying to access your computer's data, and so on. Often, it's just advertising code that tries to serve you ads in various ways. Have you ever gone to another site and seen ads for something you were looking at on a different page? That's how those work. How would code like that get into a benign site like Harmony Central? It could have been added unknowingly to a banner ad that is served at the top of this page, for example. Or someone could have hacked HC specifically to leave this code there. In any case, the admins should be able to trace its origin. I am seeing it right now in Safari using the Activity menu (I'm not sure of the FireFox equivalent). But the suspect code is built right into the source code of the page. Looks like this... So, I'm sure they'll figure out what the deal is. Chances are we don't need to worry about coming here and being infected... hopefully. Link to comment Share on other sites More sharing options...
CMS Author MikeRivers Posted September 12, 2011 CMS Author Share Posted September 12, 2011 Thanks for the further info. I guess if there's something that needs to be taken care of on the HC end, it will happen eventually. I'm concerned about the kind of malware that steals my passwords but not really about what tracks where I go. It's stuff like that which makes access to the useful information free, so let 'em know that I'm not going to their ads. I don't care. Link to comment Share on other sites More sharing options...
Members Jeff da Weasel Posted September 12, 2011 Members Share Posted September 12, 2011 I'm concerned about the kind of malware that steals my passwords but not really about what tracks where I go. Most of us feel the same. The problem is that there's really no way of knowing from just a glance at the code what it's actually doing. Anyway, Craig and Jon and gang seem to be on top of it. Link to comment Share on other sites More sharing options...
Members Coaster Posted September 12, 2011 Author Members Share Posted September 12, 2011 i'm glad this is working out for the best. i am also glad my faith in HC is restored, and faith is not something i have much of these days. it has become really difficult to see who "the bad people" are anymore, and i am a little ashamed that i thought HC was likely employing these measures rather than having been hacked. its real hard to tell who to trust anymore, and that is just sad. Link to comment Share on other sites More sharing options...
Members blue2blue Posted September 12, 2011 Members Share Posted September 12, 2011 The most important thing you can do to stay safe -- no matter what OS/platform you're on -- is to make sure your OS and web-accessing apps (that includes browsers, of course, but also media players and other programs that can access the web) are properly up-to-date and the OS firewalls are properly implemented. Update support on the Windows side goes back to XP.* With OS X, updates are more restrictive, but Apple supports the latest OS X version with daily updates when necessary (as it was during the height of the Mac Defender problem). I, personally, do not run background resident anti-malware programs because they tend to miss the latest threats but also, crucially, because they tend to suck down an enormous amount of resources while running in background. However, they can provide some extra protection in some cases, particularly in the case of things like email scanning (for those of you who just can't pass by an email attachment from a stranger without opening it or clicking those 'suspicious links.' ) I do, from time to time, use on-demand scans from outfits like Trend Micro's House Call or MS' Malware Removal Tool and some of their other services -- and I make sure to have a copy of MalwareBytes Anti-Malware on my machine. (If you do get a successful intrusion, many malwares will try to block your access to Trend Micro, Windows Update/Malware Removal, and anti-malawre sites like MalwareBytes.) *MS continues to provide security patches to XP (introduced in 2001) but Vista and Win 7 have architectural features that make them more secure still. In fact, no less an authority than MacWorld said a few months ago that, "Windows 7 is actually more secure than OS X." http://www.macworld.com/article/160098/2011/05/macdefender.html Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.