CAD an attack site?
 

I try to get on here and keep getting error messages from Google saying the site is classified as an attack site............anyone else getting this?

I have received a complaint from a couple of members. I notified the owners of the site but have not heard anything back from them. I have not experienced any difficulties logging on myself. You might try logging on with another search engine and see if you are still having a problem.

I had the same thing for a day last week and alerted CAD, too. And no, I never heard back. :roll:

Here I thought it was just my connection!!!!!

Got to LOVE Google looking out for the commoners!!!!!!

IMHO... yes CAD is an attack site. I am more than annoyed with these ridicules ads. I would rather pay a yearly membership, than be spammed to death.

I've complained to IB more than once, even as recently as two weeks ago, and they have never had the decency to return my message. I've informed them of some of the glitches I experience, as well as I've had numerous members PM or email me in regards to having similar problems. They asked for feedback...yet they ignore you when you take the time to "offer help." :roll:

There is one ad in particular that has been tracking every site I've previously visited. If it was eBay, it pulls up an ad for me in regards to eBay. Once I looked up gold spot prices, and got lots of gold selling sites.

I generally have to wipe my hard drive clean and reboot back to factory once a year, and that is a major pain in the butt, as it takes a lot of hours to do. I did that last March, and since then all my issues seem to trace back to CAD. They are "moderate threats" maybe, but if you have any moderate threats from a site, you can also get a more serious threat. I use several securities, and have to clean once or twice a week, and I wipe all online activity clean every day....so some of this crap gets embeded.

I just recently been getting a threat warning in regards to this website. I don't know if it's from a recent new ad, or what. This is what my threat warning says;

My warning reads;

"Warning: Visiting this site may harm your computer!

The website at classadrivers.com contains elements from the site ifsjgbwiu398.in in which appears to host malware software that can harm your computer or otherwise operate without your consent."

I have to click on a box to [return to safety] or choose a box to proceed anyway as the risk.

Same here.
Started giving me this junk yesterday, twas fine beforehand though.

Yep.
 

Firefox gives me the warning saying that this site is an attack site BUT can't give me any reason at all why that it is considered to BE one. Microshaft Innernut Exploder 8 gives no such warning. I HATE using MSIE for any reason due to the infinite security holes that a whole world full of asshats are just waiting to take advantage of. *grrrrr*

The security program that I have been using has stopped anything from happening to my system. I have it programmed to scan every day just to be on the safe side. It also prevents any unwanted pop ups from showing up. So far I have not had any noticeable increase in spam in my email. Of course, I receive enough already. :roll:

I'm on my Safari connection now and no issues. Basically Google was saying it's a possible attack site but that over the last 90 days nothing malicious has come from here. It said something about 3rd partys being able to leave something without anyones knowledge until the ***** hits the fan.

Quick Edit, now back on a regular computer with Firefox and it's now saying that 3 times over the last 90 days something malicious has been downloaded onto computers without the user's consent from this site. This morning it was nothing had happened over the last 90 days........

What is an attack site? Is that where they have lots of spyware and stuff?
I use IE, and I just type CAD from my favorites and pulls up the site. I have noticed that I get a lot of junk mail. People needing money, or some women from no-telling where wanting something. :hellno:
All the links we have, are those full of spyware, malware and what not? Is that why we've been having trouble?

Are you Apple or PC? I'm PC. (never again...I wish I was Mac)


I agree these ad sites are mostly a nuisance, but still they track you everywhere you go, and monitor your habits, stuff you buy, etc. You'd be surprized how much crap your PC will have hidden most Security systems don't recognize. I'm very careful, and I still have to wipe my HD clean and reboot to factory specs once a year.

I use Internet Explorer 7, Mozilla FireFox, and Google Chrome.
Bit Defender, Large Software PC Tune up, SpyBot S&D, Microsoft Malicious Software Removal.

I strip and scrub at least twice a week. http://i97.photobucket.com/albums/l2...and10/bath.gif

Sommovabeetch...I just made a PM, and didn't bother to copy it incase this lousy site screwed me again.

I clicked on send and got a warning page with only one way out...off the site. (lost my work) :mad:

I'm not saving this crappy post...if this gets lost, so is my membership...I'll be over at Fredogs. :D

What's his site's address? This is BS...

Same problem here with FireFox, IE lets me in with no problem. Or did it let me into a problem ????

Here is what I got on the report:


Safe Browsing
Diagnostic page for classadrivers.com

What is the current listing status for classadrivers.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 3 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 227 pages we tested on the site over the past 90 days, 116 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-05-25, and the last time suspicious content was found on this site was on 2010-05-24.

Malicious software is hosted on 1 domain(s), including ifsjgbwiu398.in/.

This site was hosted on 1 network(s) including AS25973 (MZIMA).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, classadrivers.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

* Return to the previous page.
* If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.

Fredogs' Trucking Clubhouse - Home :D

I'm the newest member at Fredogs, but so far that hasn't made Ann Coulter any less indifferent toward me. I hoped she would be impressed, but she tells her friends I'm just the plumber. :tears:

Someone may have hacked the code, but still ...can't we have a stronger site?
I don't see these problems at other sites I visit.

I dunno... maybe if robertt would FedEx me one of those luscious Shawnee princess hotties, from his Tribe in Oklahomo, I'd have less time on my hands to care about CAD. :D

FWIW, here is CAD's response:

For what it is worth....this is what Norton says about CAD.

Norton Safe Web, from Symantec - report for classadrivers.com

Norton has been flagging CAD on my puter's for a little over a month now. Norton checks each thread I click on....and it gets annoying...but better safe than sorry I guess.



:micro:

Well, it's working fine for me now so looks like some sort of gear got turned.

Just for you Hog. :thumbsup:

I have a PC. Apple doesn't seem to have problems with virus attacks as does PC's.

Thanks... where the cows outnumber people, I might just have a chance, even though I'd make snarling noises as I nibble off all that fringe one by one, saving them for floss.

I'm sure your Tribe will regret your helping me, but it's probably been years since any Shawnee remembers what Swamp Ottawa are like. :p

Good reason for that GMAN, Apple doesn't normally rush to get the latest and newest operating system out without thoroughly checking it out hence why it's so tough for hackers and virus writers to take down a Mac. Their systems have very few open doors and flaws like Microsoft systems do and run a little differently so codes have to be written differently. The hackers haven't had much success in figuring them out but you can be certain they are trying their darndest. I think my next computer will be a Mac for security reasons.

I thought about getting a MAC when I bought my last computer. If they were closer in price I would have given more consideration to it. I could not justify the high cost differential. Another problem that I can see with any Apple products is the software compatibility problems. Most of the software that I use is for an IBM system.

Yep, you may pay a bit more(had to change that from a little more to a bit more) but it can lead to much less headaches with virus' and junk versus a regular PC.

By way of introduction, my name is Steve and I am with IB. I wanted to address some of the concerns and questions in this thread:

CAD was hacked but is/was not an attack site. We removed the malicious code yesterday and the alert/block was lifted several hours later. The hackers intent: anyone who visited the site from a search engine would be redirected to a pharmaceutical site. There was no virus or downloaded malware that would impact a user on the site. Just to be clear, there was no danger to your computer, data or identity. We're not sure how successful the hack was in redirecting traffic because Google issued that alert which was picked up by Firefox and Chrome rather quickly before we got any reports of funny stuff. As Twilight Flyer mentioned above, Internet Explorer/Microsoft apparently caught it briefly on Friday but the alert went away within a few hours without us doing anything. Our guess was that someone reported it manually (as anyone can do from their browser) and that the site was deemed safe by IE/MSFT. We sincerely apologize for any inconvenience this has caused the community.

Just to be on the safe side, when I got the warning, I simply closed the page and walked away from the computer. Next day, I tried again, and no warning, so I went ahead and browsed the site for items of interest.

Anytime I get a warning about a site, I immediately lose all interest in that site... At least for the time being. If I get warnings twice, I don't bother with a third try.

Not sure if I'll upset the powers that be by posting this, but I use the No-Script add-on for firefox to avoid the ads. It's a tad bit annoying at first to set up your browsing habits but worth it when done. The benefit is that if another site attempts to launch a malicious script it will be blocked and it's only a 10 second install with a reboot of firefox.
Say I pull up the LA times site. there are 9 or 10 different sites executing scripts off the main page alone.3 or 4 for ads, 1 for video and several others. With that program you have to manually allow each site. I can allow the main site and the video site to watch the news stories. If I don't allow the 3 or 4 ad sites to execute their scripts I'll never know what pointless products the times is trying to get me to buy.

Peace, Love and Janis on the radio
-Kimball

I did try "AdBlocker" which FireFox offers, and it use to work, but the ads here got more aggressive over the last year. I like Google Chrome as my regular browser.
I agree, there are blockers you can take the time to set up, and maintain.

One ad I've notice I really think caused me trouble seems to be magically gone now, since the "hacked code" was repaired. :roll:

It's no secret I have no respect nor any regard for the "new owners" and I don't believe half of anything they say. But that's just me. :mad:
I know I didn't imagine all the glitches.

Far as I am concerned...maybe one or two of these admin from Internet Brands are okay. The rest can take a flying leap off an LA overpass in heavy traffic.

I quit as admin here because of the interference and total disrespect from these jerks... but I had put that all that behind me. They have asked for feedback with regards to any site concerns... but when you PM them offering a heads up to potential site problems, and/or glitches... and you get absolutely no response back. Seems nothing has changed in regards to how Internet Brands views this site, or how they treat the members.

I do like MikeSims...and how he made a thread and kept up with fixing our denial of service attack. :thumbsup: I also really liked Lee who was the original IB rep...but he left early on after IB's BOTCHED MIGRATION. :pissedoff: [and these IB dweebs even own the vBulletin software :rofl: ] That caused Twilight, Ridge and me hours of cleanup. I mean...hours and hours.

Brings back memories of the total lame BS (politician-like) excuse they give...insulting your intelligence even further.

Even the staff here says IB is slow to respond...if they respond at all. So...I wouldn't worry about what Internet Brands thinks or feels. I and all the oldtimer members here sure do miss Jeff and Lucinda...CAD's original owners!

Ug, my long post got deleted due to time out, so I'll break this into a couple posts.

Shorter version, so this will be briefer and not as cordial. The bluntness isn't directed at you guys, but to the damn session id that timed out after 20 minutes.

IB doesn't want to piss you guys off or do anything that makes you leave. We want you here because we want to make money on ad revenue. Does it seem heavy handed some times? I think so, but I'm a tech guy, not a business guy. However, I do like getting a paycheck.

If you want to use ad blockers (AdBlock Pro), be my guest. I do. Shhh.

The only two people on here from IB right now are Steve (GILBOLA) and I. If you got issues, send them to him. I generally don't play in the communities here at work. I fly planes and don't even participate in the aviation sites I run. Steve and I run the Careers sites here at IB, so that's about a dozen sites. You aren't a low priority (in fact, CAD is near the top of my list), but resource management is not always perfect.

IB isn't some nefarious evil entity. There are hiccups up and down the chain, of course, as there often is in an organization. I definitely am not a Kool-Aid drinker. We have tech burps (both internal and from our provider), but some issues are external. If you guys complain about something and we can't corroborate it to our monitoring, we have to attribute it to an external factor. That doesn't mean we are ignoring you or think you are full of crap, it just means we can't reproduce it from our end.

Just because we own VB doesn't make all of us experts. I barely know the software. In fact, I know one of our competitors better because I've run sites myself as an admin *cough, IPB, cough.* However, if something does go wrong, I have a lot of resources here who can steer me in the right direction.

I'll touch on the malware in a second post, but let me hit a couple more references.

1. No ad was responsible for it. Nor did we remove an ad in response to the issue. We've had ads break a site before, but those are served to us through google or dfp or whatever.

2. The 'following' you mentioned RoadHog is almost 100% due to Google ad/analytics tracking. There are anonymizers (I had one on FF, but it doesn't work in FF 3.6). This was even in the news this week that google will let you opt out. Link to news. We track for statistics, but we do not track as single thing about your habits.

Malware Attack

On Thur/Fri? we got wind of the issue showing up on Internet Explorer, but IE didn't tell us anything. As far as we know, the 'reported attack' was someone pissed at us or just being a dbag. Since it wasn't happening on other browsers, we took a wait and see approach.

On Monday, we got it on Firefox, but FF uses Google to assist with that. So, combined with that info and Webmaster Tools, we were able to figure out why we were and what to look for. Sometime later that day, we found a shell script buried deep within the site that gave the hacker access. What the hacker did was to rewrite a couple files to include a redirect to a pharmaceutical site (which was safe, but just assholish) and another redirect to a site that if you downloaded the file, would install Malware. Just hitting the site, to my knowledge, would not harm you. It was the link to that site that made us guilty by proxy and the cause for the security warnings.

There was nothing intentional there because the least we would want to do is stop traffic and revenue to our site.

Once we cleaned the code, Google allowed us back.

How did the hacker do it? Don't know.
My conjecture was that it was through OwnerOperatorJobs and that there is a security vulnerability somewhere in the code that allowed the hacker to get their script on to the site. We're going to check through the forms and such to make sure it is clean, but since we didn't code it, we'll have to do a complete code review at some point to find it.
Once they were on the system, some of the same files are used on CAD and OOJ and that is why it affected this site.

VBulletin also has some vulnerabilities, but it does not appear to have been done via that.

Our network team was provided the code, so they will be checking for some signatures in it to assist in detection and isolation if it happens again.

That's pretty much all I got.

Thanks for treating us with some respect, and offering an explanation.
MikeSims you are a gentleman, and thanks to GILBOLA for taking the time to level with us.

We understand the corporate mind and methodology. That's why we loved the family operation of Jeff and Lucinda, who made this site great.

I am fed up with the past treatment, but impressed with how you offer consideration. Again, thank you.

I'd rather pay a membership fee, and do away with all this advertisement. I don't know the consensus with other members here.
That way...even the moderator staff can make a few pesos to pay for the Eye Doctor visit and Rolaids.

Different levels of privilege....
Basic free membership
Gold membership
Platinum membership

-------- edit
Ya know what...it just dawned on me. Ever since IB came along and screwed CAD to hell and gone, the regular membership here dropped by about I don't know...a lot.
The paid membership would never work now. You only have about a couple dozen regular posters.
Of course the Industry has slowed down, but I see pretty good activity at some competitors in comparison, who we use to rival.

Boy am I reminded now of how rotten IB was to us when they first took over CAD.
Some memories were funny though. Like the mass banning! ... I had to email 300 members or more to tell them sorry... it wasn't me! LOL

That "mass banning" had me off the site for about 6 months or more. I finally came back with a different screen name. I thought of it as being a bit more than a simple "hick up".

I hear ya Windy!
There were a lot of pissed off drivers... and the mod staff took all the heat, who had nothing to do with it. People hated the change from phpBB to v.B let alone the complete without warning FUBAR. The mod staff was even treated worse than the general population.

I was throwing beer bottles and breaking furniture in the Moose Lodge using my best French Canadian on the IB jerkoffs for weeks.

I know these IB guys want to make a wage... just keep in mind all the work the day to day mod staff does for free. :mad:

:bow: God help whomever replaces Twilight.

We lost a lot of members with the change over after IB bought the site. It was a challenging time. I am not sure that we have regained the momentum since that happened. People don't want to be inconvenienced. Most are too busy working to spend much time trying to work through website problems. Thanks for explaining things, Mike.

It's been pretty obvious, there have not been as many active members on here ever since the change over. Sure, it's active, but not like it was before. And, it seems the activity is dwindling slowly. I do not expect it to be a viable site for that much longer.

That goes for me too. Thank you, Mike.
I have no idea what you said :lol2:, but it sounds like you got the problem fixed. :thumbsup:

Were yall able to find the hacker? Even the hackers leave a trail. They can't cloud all of their tracks.

From reading Mike's post, it sounded as if the hacker was doing this as a personal attack at CAD. Reckon someone did this due to being banned? Who did yall ban?? Wonder who it could have been? http://forum.thescubasite.com/confused/confused0075.gif http://forum.thescubasite.com/confused/confused0006.gif :p

On a serious note - .. I use Windows Internet Explorer. I tried Firefox one time, but I guess I'm old fashioned. I didn't care too much for the Firefox. Maybe it was the 'change'.

i am a mac and i love it. when it came time to buy a new laptop, i gave my husband the choice, mac or pc. he was always complaining how the pc was always crashing or something. it took a bit of getting used to, but no regrets about spending the money. my daughter has a netbook. i had to tell to be very careful about the websites she visits because of the viruses. once a virus hits a pc, it seems you are never truly rid of it.

I admit it, it was me. I stepped down as admin to throw the dogs off the scent trail. :P

Dunno, the statement that there wasn't anything to it may not be accurate. The night I posted in this thread my computer sent email to everyone in my mailing list to of all things, a pharmaceutical companies website. Seems there may be something there!!! Several Norton scans have revealed nothing but I am a bit worried. If it sends another tonight, I will know it had to be this board.

Hope not!! I enjoy the company too much to leave!