Security Threat in Site Advertising

[kwah]

Hey.. Just been looking at the site's archives via Google and came across https://www.physicsforums.com/archive/index.php/t-187556.html

So far, the problem has been limited to this page and results can be repeated, but a popup to http://www.skypoker.com/poker/sky_lobby?aff=1231 appears.

Internet Explorer then alerts me "This page is accessing information that is not under its control. This Poses a security risk. Do you want to continue?"


I've not got any idea what exactly it is trying to access, but figured PF staff should be alerted of this.


Regards,
Kwah =]

 

[ZapperZ]

I don't get that pop up when accessing the page. Does it occur every time you tried?

In most cases, the "mechanism" that causes that "context sensitive" advertisement to pop up resides on your computer, which means you might want to do a scan of your hard drive to make sure there are no adware that had installed itself.

Zz.

 

[Astronuc]

I also don't get a pop-up, and there is no indication that a pop-up is blocked.

 

[kwah]

I'm accessing it from my school's network so I find it highly unlikely that it is the cause of AdWare.

Yes, I've tested on three separate machines (on the same network) and each display the popup every time the page is loaded.

The computers are using XP SP2 with Internet Explorer 6.0, it is possible that the popup is targeted at this browser/machine combination in order to take advantage of a browser exploit for example.

In the last few minutes (literally just, as I was typing out this because I was going to explore further in terms of viewing the source code of the page), I noticed the advert at the top of the page had changed from a pinky-coloured to "Time Out, Please Take our survey" and various others and the popup has not appeared since.


Whether or not its the cause of a rogue advert or otherwise malicious code (either on site or on the machines) it remains to be seen.

Regards,
Kwah =]