# Malicious ads trying to install possible virus



## LoREvanescence (Jun 19, 2007)

There is a ad, don't know what it is, but it is causing my browser to be hijacked and display this on TCF:










This is a fake Adobe Flash Player and not a actual upgrade. The dialog isn't even a dialog, it's part of the webpage. It rings all kinds of alarms to not click / upgrade or be infected.

Edit: Not to mention I'm in Chrome, and not Safari which that dialog box would indicate.


----------



## Mike Lang (Nov 17, 1999)

I get that one often on Yahoo's site.


----------



## Bighouse (Sep 3, 2004)

Okay, I was just reading the message posts on the Ultraviolet thread and my Safari browser changed to show a odd form about a "VIRUS ALERT" on my machine. I didn't even bother to read it, realizing it was some script or ad that had hijacked my browser on TCF.

I closed down Safari and decided to post this message. What's up with that? Anyone else get it yet?


----------



## LoREvanescence (Jun 19, 2007)

Bighouse said:


> Okay, I was just reading the message posts on the Ultraviolet thread and my Safari browser changed to show a odd form about a "VIRUS ALERT" on my machine. I didn't even bother to read it, realizing it was some script or ad that had hijacked my browser on TCF.
> 
> I closed down Safari and decided to post this message. What's up with that? Anyone else get it yet?


I got hijacked this morning a couple times by a add that was trying to install a fake flash player upgrade. "A virus disguised as updating your flash player".


----------



## Bighouse (Sep 3, 2004)

I didn't even bother to read what the image on the screen said. It was mostly all white with a lot of text on it. So I just quit safari.
There needs to be a special place in Hell for those who write virus scripts/files.


----------



## Bighouse (Sep 3, 2004)

Just got the Adobe Player Upgrade hijack...why do these idiotic virus writers and evil people want to persuade me to quit TCF????


----------



## LoREvanescence (Jun 19, 2007)

Bighouse said:


> Just got the Adobe Player Upgrade hijack...why do these idiotic virus writers and evil people want to persuade me to quit TCF????


Because they are scumballs and some how they are stealing personal information and making a buck


----------



## Bighouse (Sep 3, 2004)

Isn't it possible for admin at TCF to figure out which ads cause this type of hijack- and ban those people for purchasing ads on this site???


----------



## SullyND (Dec 30, 2004)

Bighouse said:


> Isn't it possible for admin at TCF to figure out which ads cause this type of hijack- and ban those people for purchasing ads on this site???


Not sure - it's not like they purchase ads on the site, they purchase them from a network that TCF uses.

I don't see ads on TCF (membership has its privileges) so I'm not sure what network they use.


----------



## longrider (Oct 26, 2017)

I was noticing this yesterday, a couple hijacks and even one that my network firewall blocked with a message that it was known bad site. I am obviously very new here and I will join the club as I believe in supporting sites I like to use but I very quickly turned my ad blocker back on and just live with the pop-ups from the site.

Regarding knowing who it is the ads are sold by an advertising network however a web site owner can usually refuse a specific ad. The trick is figuring out which ad


----------



## kdmorse (Jan 29, 2001)

If it's new as of today (or very recently), it's almost certainly the ransomware BadRabbit.


----------



## LoREvanescence (Jun 19, 2007)

Well, this is the URL it redirects too: Redirect.

At least the the latest one I got, with a different style flash player hijack

Anyway of determining which ad is redirecting to that?


----------



## LoREvanescence (Jun 19, 2007)

kdmorse said:


> If it's new as of today (or very recently), it's almost certainly the ransomware BadRabbit.


Even more reason to steer clear of it


----------



## LoREvanescence (Jun 19, 2007)

Well, this one was most certainly eye candy of a hijack. I'm seeing all kinds of Hijacks on TFC now.


----------



## mjcl (Oct 23, 2006)

I've encountered the fake flash update page and a beeping "YOU HAVE A VIRUS" page from TCF ads. Both times the ads redirected tabs that had been open for a little while (1 - 5 minutes?).


----------



## LoREvanescence (Jun 19, 2007)

Still seeing the "You Have a Virus" / "Flash Player Update" hijcks left and right today.

when ever I switch tabs to another forum, then tab back here I see the hijack.


----------



## TiVo'Brien (Feb 8, 2002)

I got a pop-up and the only way out was to go to another site.

It took me to a site that looked like an Apple website and encouraged me to install something.


----------



## inaka (Nov 26, 2001)

I was coming here to post this exact same thing.

Over the weekend I browsed TCF and was presented with an obvious scam popup that absolutely came from TCF. There was no way to close it and continue to the thread, and the only way was the close the entire window and start over.

Then then would come back, and it essentially hijacked your entire site making it unusable.

How are these things allowed?

Here's what it looked like on the iphone:



















Total scam ad/malware being disseminated through TCF, and causing it to shut down viewing of your site. You may want to address this ASAP.


----------



## Phil T (Oct 29, 2003)

I noticed this yesterday. I had my ad blocker off and something here was making my browser and background processes go nuts. I also noticed I had lost 14GB of disk space. I turned the ad blocker back on for this site and all is well today.


----------



## Mikeguy (Jul 28, 2005)

Phil T said:


> I noticed this yesterday. I had my ad blocker off and something here was making my browser and background processes go nuts. I also noticed I had lost *14GB of disk space*. I turned the ad blocker back on for this site and all is well today.


?!?


----------



## sharkster (Jul 3, 2004)

I've been getting these things telling me that my Adobe is out of date and to click on it to update it. I've seen this sort of scam in the past so whenever I get that I look for credible info either through Win updates and/or run a scan on Secunia PSI. Got another one today and there is nothing to indicate, on my computer anyway, that any of the Adobe programs need to be updated.


----------



## foghorn2 (May 4, 2004)

Must be the Russians at it again


----------



## LoREvanescence (Jun 19, 2007)

Lol, I didn't know my flash player could be out of date on my iPad because there is no flash support on iOS.


----------

