Google (Chrome) is telling me forum.avsim.net is infected with malware when I click on thread entitled "How much have you spent on Flightsimming"

 

"Content from Pheonixva.org has been inserted into this webpage"

 

 

Anyone else?????

Yup, I got the same thing yesterday (2JAN13) when I tried to access the same thread

Same here. Also Firefox is still warning me of flightsim.com.

Looks like Chrome for whatever reason is flagging a signature image as malware.

 

It's edwardsm signature image from this post: http://forum.avsim.n...g/#entry2534634

 

wwwDOTphoenixvaDOTorg/lib/signatures/PVA1503.png

Yes, I have removed the signature image and URL and have warned the member.That alert is now gone.

Yes, I have removed the signature image and URL and have warned the member.That alert is now gone.

 

Tom, was this something that was intentionally inserted into the image, or did some unintended combination of bits in a pixel map just happen to be an exact match for a malware signature?

 

If intentional, I'm not sure a warning is strong enough.

No, it was not intentional. My VA's website picked up something from another source which our service provider and admins are working on. Since we have signature bars and since I had the bar in my signature here it seems to have crossed over. The signature bar has my full name so using it satisfies the real name requirement of the PMDG section and advertises our VA so I use it here. Tim was kind enough to correct the issue by removing the block from my signature. Sadly we are a victim; however, the problem should be corrected soon. The warning I received from Tom was that there was a problem with the signature. It was not a warning against me here on the Forums. There was no need for that sort of a warning against me since it was something beyond my control. Although I have no first hand knowledge in these matters it is my understanding that because the image is generated from and hosted by my VA it caused a warning flag over here.

Same here. Also Firefox is still warning me of flightsim.com.

I believe we have a link back to them; however, I'm not an admin and I do not know what the investigation by our service provider has turned up so I'm not going to say it crossed to use from there. I will pass that information along though.

Even though this was unintentional it surely sounds a warning to be careful about what's put in signatures.

How do you propose people do that? The only method I can think of is to ban all items which link to external sources. That would include Tom's TeamSpeak user bar which links to an external host. What about Shaun's Blue Skies signature? Another external link. Don't forget about the advertisements which are placed at the top, bottom, and side of the pages. They are links to external sources. Should AvSim ban all of them because any of those servers could potentially be attacked and sound a warning back here? Some things are beyond our control and I don't see how we can be more careful without barring any links to the outside. I was very careful, I used only one image. That image was automatically generated for me same as it is for the 200 members of our VA. It links back to the VA because every flight that a pilot makes updates the information on the image. I don't think anyone here at AvSim would purposely launch an attack against this site.

I never suggested banning anything - merely that we should be careful. What's wrong with that?

Let's not over react guys. I can count on one hand in the last 17 years that we have had something like this occur. We look at every ad and URL that it links to before we approve them. Auto approval is only given to longstanding and trusted sites. When an alert shows up like the one we saw here, it is fairly easy to track down and remove. All it takes is someone to alert us.

I never suggested banning anything - merely that we should be careful. What's wrong with that?

???

Who said anything was wrong with it? In my first sentence I asked how you thought it could be done. In the next few sentences I stated the only method I could think of and pointed out the flaws in that option. I finished by explaining that I was being careful and that no forum warning was needed because it was beyond my control.

 

So, with that said what would you suggest members do, or what steps can members take, to be more careful? I have no experience in these matters and would appreciate any insight which could help me in the future.

So, with that said what would you suggest members do, or what steps can members take, to be more careful? I have no experience in these matters and would appreciate any insight which could help me in the future.

 

As original poster all I would expect is anybody that get's such a warning simply make the mods and other users aware of it. Let's face it we all have (or should have) anti-malware protection on our systems to protect us against any damage.. As already stated it is very doubtful that an Avsim user would intentionally compromise this site.

I can understand that; however, I never received a warning on my computer. I want to stress that this maleware has nothing to do with me or my computer. Even though I have been on and off the website my antivirus still does not detect a problem, only Chrome says something is wrong. The first I knew there was a problem with my signature was when Tom sent me a message. Had someone else sent me a message or had I suspected the signature image could cause a problem I would have been more than happy to remove it on my own. Honestly I still don't understand how something from over there (my VA) caused an alarm over here. I am not versed in how these attack things work. The little I know is stuff I taught myself. Point in fact I am still researching and asking questions on my own to try and understand what maleware is, how it attacks, and what the objective of it is. Until now I was under the impression it was intended to redirect you to a store or website to tempt you into buying products or false services because I never took an interest in this subject. My antivirus works and updates itself and that is all I ever cared to know.

 

At any rate as I said above, had I known there was a problem here I would have been more than happy to remove the image. Now I have learned that somehow the two are linked, even though I still don't understand how. Point is now I have learned something new and found have something to read on those long hauls. :smile: