Posted on 06/24/2008 11:03:26 AM PDT by andy58-in-nh
Is anyone aware of an attack on the American Spectator web site?
Upon attempting to access the site (using Windows 2000NT with a Firefox 3 browser) I received the following warning:
Looking up the site in Google, I found the following at the top of the entry list:
I have sent an email to the editor's attention, but was curious as to whether anyone else has had the same problem. I wonder whether the Kos Kids or the MoveOn Morons have been at work here....
I had a virus warning yesterday and had to exit IE.
No problems here..
That’s basically what I was being told by my browser - that the Spectator site was reported to harbor malicious software, which having been a frequent visitor for many years, I tend to doubt.
Unless it has been compromised.
I just tried out the site and I got right in using firefox.
I’ve noticed that I get blank ad windows popping up on that site the past few days, which I’ve never had before. The IE popup blocker does block something, but not these blank ad windows.
Do you run No-Script? Maybe you should. I am seeing 4 scripts running there, only one of them is originating from that site.
I flushed my browser cache and tried again - with the same result. I even put the site in my “whitelist” and it still gave me the warning. (Again, I’m using FF 3.0, which has a whole new malicious code blocking scheme). What really made me suspicious was the Google result. BTW, the Spectator has an alternate site address (http://www.americanprowler.com), which works just fine for me.
It is possible that an ad did it, or, hopefully not, a listing with the bad domain names triggered it (I say this because someone in a forum could have put that in their post and Google’s bots may not have understood that such a reference was not executable). The two domains listed as the referred ones have apparently infected Sears.com.mx, which is Sears for Mexico, along with a number of other sites.
Looking at the listing, it appears that someone posted a link, possibly as a response, that triggered the site advisory. I use a DNS blacklist that blocks most malicious sites, but still, it appears to be a valid trigger. The domain holder can follow the tools available to have the site re-scanned and cleared once the content that was detected is removed.
Malicious content was found hosted though links on the spectator.org site on the following... Malicious software is hosted on 4 domain(s), including h25.6600.org, chinabnr.com, dns5.8866.org.
I would expect that the American Spectator could run through their code or filter out those referred domains and when Google reevaluates the site, it will be fine again.
I do run NoScript, and it is showing me only one script running and that is the one that’s blocked.
Must be a 3.0 thing because I am having no problems on my 2.whatever it is.
Good information: thanks, guys.
Works on IE7. Maybe you just need a better browser.
That’s strange. I am seeing them scripts for...
spectator.org
fastclick.net
zedo.com
brnadw.com
Blasphemy!
No, thanks. I find Firefox to be much faster and offers better malware protection tools and numerous other nice add-ons that Microbloat can’t match.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.