Redirects to malwaresite

This one has been pretty bad today. Probably gotten it 20 times. These are after clearing cookies and such. On Verizon 4G LTE using Google Chrome.

[Screenshot attached]
 
Yep, on it already....has been a frustrating weekend, "hope" to have a 3rd party solution in place yet today.
 
3rd party solution implemented minutes ago....REALLY hope this fixes things....please keep me posted :)
 
It has taken me 20 times to post this without a redirect...and I’m not joking.
If the silver will help this, I’m in.
 
Meeting with a 3rd party next week on this issue, hoping for a final long term solution
 
I get a ton of redirects here - more so than ANY other site/forum/etc I frequent.
This has been an ongoing issue for a while, even before I joined and I lurked here. It was so bad I disabled all cookies for Safari yesterday, and the redirects stopped. But you can’t log in when you disable cookies.
Using: iOS 12.1 - need to do an update to 12.2, but I doubt that will help. The redirects have occurred across multiple mobile devices and iOS versions throughout the years.

ETA:
I work in Cybersecurity, so I’m a bit curious as to what the 3rd party solution will be and what they say the issue is.
I’d also be curious as to what the hosting provider’s SOC2 report says. ;)
 
GeoEdge is currently the company being used to prevent the issue. Clearly they are failing, despite monitoring over 500,000 ad requests daily. They are only blocking 1100-2000 daily, and obviously there are more issues than that. I have a meeting with them next week. Also have a meeting with Confiant next week to see what their solution looks like. Both got emails this morning.

Met last evening with my prebid ad company, they are continually making changes as well. They noted that GeoEdge is known for false positives. We'll see what they say next week.

SADLY, these issues are the worst on weekends, when traffic is high and most ad companies are not working....and the algorithm that these malvertisers use changes constantly, so every solution is simply a reaction, not a permanent cure. Interestingly, most of the ad networks used on the site are "top tier" and "certified malware free"....but clearly they are failing.

I've been upping mobile floor prices to force bidding changes, but that's nothing more than a guessing game that works for a day or two, then needs tweaking again.

The issue is prevalent worldwide, which is why companies like Confiant get $1500+ per month for their service. Clearly, given that price point, this isn't something that only hits IH8MUD. I frequent an AdTech Slack channel where solutions are regularly discussed, with the networks and the various providers...as well as continual discussion by the publishers fighting the issue.
 
Many thanks for the candid reply, Woody!
Part of my job entails reviewing products from vendors to see if they conform to our standards, including cybersecurity products. Unfortunately, with the prevalence of digital crimes, there are a ton of snake oil salesmen in the cybersecurity industry.
At the end of the day though, the bad guys only have to be right once, and the good guys have to be right every single time. It's certainly tough.
Best of luck and I'll be happy to help if needed. I'm well aware of the headaches dealing with vendor issues and I applaud your efforts here!
 
It's clearly a constant battle :)

Made additional adjustments this morning, removing two ad-slots from mobile devices, which will hopefully force competition within the remaining ad slots for higher quality ads and push out the malvertising. Time will tell...WORSE, no one "reports" when they have a great experience....lol

70% of site visits are from mobile devices....10 years ago, desktop was the huge "rogue ad" issue, but was far easier to track there. Tools like Charles Proxy made chasing the script path fairly easy...however, there is no mobile-device program for this process, and asking users to view the forum as a mobile device while running Charles Proxy is a stretch since it defeats the whole purpose of easy browsing.

There was a time that moving to https was the solution....and running only https ads was the solution....and running all ads under SafeFrame was the solution....and sandboxing ads...and and and....each is short term and gets defeated.
 
Hi Woody, this is Amnon from GeoEdge here. We are here to help. I believe we are currently not set up to scan your prebid ads, and that may be the issue. Our customer support will contact you to try and solve this problem.
 
No surprise whatsoever, but there has been a BIG increase in malvertising....where the previous 7 day period noted about 18,000 blocked ads, there are now nearly 100,000 ads that have been blocked over the past 3-1/2 days, starting Saturday December 22. A few reports from the AdOps Slack channel I monitor are noting similar reports from other publishers.

It's frustrating, but expected....any weekend combined with the holiday equals a major increase in rogue ad attempts. Fortunately, it seems GeoEdge is catching the majority of them, but no system is perfect.

Please, if you ARE being hit, post a screenshot of both the malware ad AND your browser history. Those two are at least the start to tracking and blocking.

I've spent the past 4 days browsing as a guest on my phone, and haven't been hit once....but knowing how random the malware algorithms are, it's hard to say what they are targeting.
 
I’ve been getting this over the last few months when logging in from an iOS device. Happens about 1/3rd of the time. The redacted info is my ISP.

[Screenshot attached]
 
Appreciate the report, forwarded to GeoEdge so they can investigate and add it into their system.
 
Sometimes cheap low tech solutions are the best. Point us in the right direction. We can take care of business. :flipoff2: PS: These are permanent solutions to these asshats.

 
LOL....if it were that simple, I'd have 'er handled already ;)

Some light reading....these issues affect ALL websites, even "little" ones like the New York Times :)
Here’s why the epidemic of malicious ads grew so much worse last year
Big-name sites hit by rash of malicious ads spreading crypto ransomware [Updated]

GeoEdge is on top of it, but the technology/idiots behind the attacks change tactics...

and the screen shots posted here are GREAT ammo to improve their blocking tech...they've successfully blocked a few more from holiday reports....and hopefully, things "die down" for a time... #keepdreaming
 
I must be one of the lucky ones because I never have any problems at all. I do run antivirus that has anti spyware and ad blocker, VPN and keep everything updated on my mobile devices. I am not that technically advanced so it has to be pure luck on my part. Anyway thanks Woody for all your hard work. Mud is the total extent of my social media involvement as it is with many others. Mud is my Facebook, Twitter, Snapchat and Instagram substitute.
 
Your supporting membership means ZERO mobile ads...thank you for supporting :)
 
I have sent no less than 6 emails and 10+ screen shots to GeoEdge this evening, reporting issues that have been forwarded to me or that I have experienced on my own device.

The malvertising I've been getting on my Pixel3/Chrome/Verizon LTE is different....the rogue ad opens a new browser tab, and the MUD tab remains behind, and still usable. Close the rogue ad tab, and things work as normal. Was getting hit about every 4-5 page views.
 