Browser hijacking warning on Nexus!

[Dogders]

I can only verify bout the redirects, this pc is unattended often and seemed to have 3 in the last 30 mins while logged in to the site. same specs, firefox updated javas etc, gonna let it run awhile longer and try to watch it some. I wasnt really paying attn and its not my field of expertise anyhow.

[WhoGuru]

And again today I'm afraid. :confused: I remembered to screenshot the page this time though. Perhaps this will help? Again, had to use the task manager to kill FF in order to close the page.

 

http://i45.photobucket.com/albums/f85/whoguru/Oblivion%20Screenshots/Nexus01.jpg

 

And this one a few seconds later when I tried to open one of the other tabs.

 

http://i45.photobucket.com/albums/f85/whoguru/Oblivion%20Screenshots/Nexus02.jpg

[Dark0ne]

Thank you for the screen grabs. These should help with pinpointing the culprit ads with the ad publishers.

[WhoGuru]

No problem. If it happens again I'll be sure to grab more if I notice different ads. :thanks:

[WhoGuru]

Aaaaaaand again. Sorry guys. :confused: Here's another ad screen for you.

 

http://i45.photobucket.com/albums/f85/whoguru/Oblivion%20Screenshots/Nexus03.jpg

[buddah]

The more info we have, the easier it is to track down. Dark0ne will look at this in the morning, but when it happens please do let us know.

 

Buddah

[Nero1534]

Thank the gods (no that does not include you Buddah :P) that this hasn't happened to me...yet. <_< And hopefully it never will. I hope you can all sort this out soon, as i had a similar problem a few days ago with this stupid "System Security 2009" issue. I had to backtrack to the day before to officially get rid of it. :[ So i share your annoyance at how frustrating this can be.

 

Have fun and be safe modders!

Nero.

[Harabec Weathers]

I too have been getting multiple intrusion attempts when I visit the Fallout Nexus. My antivirus has so far blocked all of these attempts, at least to my knowledge so far. The latest one happened just a few minutes ago.

 

HTTP Malicious Toolkit Download Activity

Intruder: rr.nntoz.info(66.135.37.21)(http(80)).

Risk Level: High

Protocol: TCP

Attacked IP: 0.0.0.0

Attacked Port: 1119

 

rr.nntoz.info(66.135.37.21) is the site my antivirus has it has blocked communications with for a temporary amount of time.

 

I hope this info can lead to the elimination of these attackers :/

[Netwit2008]

I don't know if this will be helpful or not, but I just read about this last night in my ZDNet newsletter. What grabbed my eye was that Gamespot and WOW were affected, which made me wonder if we'd also be targeted here. The article summary states:

 

EyeWonder malware incident affects popular web sites

 

Dancho Danchev: During the last couple of hours, visitors of popular and high trafficked web sites such as CNN, BBC, Washington Post, Gamespot, WorldOfWarcraft, Mashable, Chow.com, ITpro.co.uk, AndroidCommunity; Engadget and Chip.de, started reporting that parts of the web sites are unreachable due to malware warnings.

 

Here is the link to the full story if you think it might be a possible cause:

 

http://blogs.zdnet.com/security/?p=3694&tag=nl.e540

 

I do know that I've experienced severe slowness with the site within the past couple of days. So much so, I had to just log off at one point. No browser hijacking though thank God. What is early morning to you guys is late night for me (for example now it is 10:19 pm here), so I didn't think it could be attributed to high traffic or anything. Anyway, hope this info helps in some way.

[mikethorgeo]

Haven't gotten any redirects up till now, but a few minutes ago some files were just impossible to download for me. Mainly the ones that are big and require the user to choose between the free and premium servers. When clicking the free server it would just sit there until a screen with a "connection resert by peer" or something came up.

 

But just now I was able to download a file, so ... don't really know the current situation.