Donate to Remove ads

Got a credit card? use our Credit Card & Finance Calculators

Thanks to johnstevens77,Bhoddhisatva,scotia,Anonymous,Cornytiv34, for Donating to support the site

Warning about malware

Discussions regarding financial software
tjh290633
Lemon Half
Posts: 8208
Joined: November 4th, 2016, 11:20 am
Has thanked: 913 times
Been thanked: 4096 times

Warning about malware

#200264

Postby tjh290633 » February 10th, 2019, 9:58 am

I just had need to go to the Weebly page and got a Google message about malware being detected there. I t suggests that care may be needed until Kiloran can look at it.

TJH

Breelander
Lemon Quarter
Posts: 4179
Joined: November 4th, 2016, 9:42 pm
Has thanked: 999 times
Been thanked: 1855 times

Re: Warning about malware

#200273

Postby Breelander » February 10th, 2019, 10:34 am

tjh290633 wrote:I just had need to go to the Weebly page and got a Google message about malware being detected there.


I went there too, probably at the same time and for the same reason (in response to a new post). I got no such warning.

Can you reproduce the warning? It would help Kiloran if you said which AV gave you that warning, and any other details like which browser and the steps you took that led to the warning.

For my part, I use W10's Defender with Smartscreen turned on. Browsers were Firefox and Edge.

chas49
Lemon Quarter
Posts: 1935
Joined: November 4th, 2016, 10:25 am
Has thanked: 216 times
Been thanked: 457 times

Re: Warning about malware

#200277

Postby chas49 » February 10th, 2019, 10:49 am

This is the message that I got (using Chrome on Win10). It comes from Google rather than my own AV/Antimalware

The site ahead contains malware
Attackers currently on cdn2.editmysite.com might attempt to install dangerous programs on your computer that steal or delete your information (for example, photos, passwords, messages, and credit cards).

...

Google Safe Browsing recently detected malware on lemonfoolfinancialsoftware.weebly.com. Websites that are normally safe are sometimes infected with malware. The malicious content comes from cdn2.editmysite.com, a known malware distributor.

If you understand the risks to your security, you may visit this unsafe site before the dangerous programs have been removed.


As far as I am aware, this site is run by Kiloran rather than TLF. I have PM'd him to alert him to this.

kiloran
Lemon Quarter
Posts: 4092
Joined: November 4th, 2016, 9:24 am
Has thanked: 3234 times
Been thanked: 2827 times

Re: Warning about malware

#200294

Postby kiloran » February 10th, 2019, 11:52 am

Thanks for the warning.

It's certainly a concern, though I have no idea what is causing the report of malware. I've checked with two laptops on Windows 10 using Chrome, Firefox and Edge and don't get any warning messages. My laptops use Windows Defender and Comodo Firewall, and I regularly check both laptops with Malwarebytes. I can't remember the last time I got a virus or malware warning, it was certainly a very long time ago.

I just checked our Weebly site on https://transparencyreport.google.com/s ... ing/search and got no reports of any problems.

I've also changed the admin password for the site

Any experts got any other things I could check?

--kiloran

kiloran
Lemon Quarter
Posts: 4092
Joined: November 4th, 2016, 9:24 am
Has thanked: 3234 times
Been thanked: 2827 times

Re: Warning about malware

#200302

Postby kiloran » February 10th, 2019, 12:33 pm

I just checked our Weebly site on https://sitecheck.sucuri.net/ and this does report a potential issue. I need to determine if https://sitecheck.sucuri.net/ is a reputable site, and if the report is correct or maybe a false positive.

Work continues....

--kiloran

tjh290633
Lemon Half
Posts: 8208
Joined: November 4th, 2016, 11:20 am
Has thanked: 913 times
Been thanked: 4096 times

Re: Warning about malware

#200307

Postby tjh290633 » February 10th, 2019, 1:30 pm

The message which chas49 reproduced above is that which I got from Google on my Android mobile phone.

TJH

chas49
Lemon Quarter
Posts: 1935
Joined: November 4th, 2016, 10:25 am
Has thanked: 216 times
Been thanked: 457 times

Re: Warning about malware

#200337

Postby chas49 » February 10th, 2019, 3:40 pm

kiloran wrote:Thanks for the warning.

It's certainly a concern, though I have no idea what is causing the report of malware. I've checked with two laptops on Windows 10 using Chrome, Firefox and Edge and don't get any warning messages. My laptops use Windows Defender and Comodo Firewall, and I regularly check both laptops with Malwarebytes. I can't remember the last time I got a virus or malware warning, it was certainly a very long time ago.

I just checked our Weebly site on https://transparencyreport.google.com/s ... ing/search and got no reports of any problems.

I've also changed the admin password for the site

Any experts got any other things I could check?

--kiloran


Interestingly that's the site you get to if you follow the links in the error message - and which also said there was a problem with "cdn2.editmysite (d0t) com" (link broken just to limit accidental clicks)

Visiting the site now shows no error!

kiloran
Lemon Quarter
Posts: 4092
Joined: November 4th, 2016, 9:24 am
Has thanked: 3234 times
Been thanked: 2827 times

Re: Warning about malware

#200342

Postby kiloran » February 10th, 2019, 3:56 pm

chas49 wrote:
kiloran wrote:Thanks for the warning.

It's certainly a concern, though I have no idea what is causing the report of malware. I've checked with two laptops on Windows 10 using Chrome, Firefox and Edge and don't get any warning messages. My laptops use Windows Defender and Comodo Firewall, and I regularly check both laptops with Malwarebytes. I can't remember the last time I got a virus or malware warning, it was certainly a very long time ago.

I just checked our Weebly site on https://transparencyreport.google.com/s ... ing/search and got no reports of any problems.

I've also changed the admin password for the site

Any experts got any other things I could check?

--kiloran


Interestingly that's the site you get to if you follow the links in the error message - and which also said there was a problem with "cdn2.editmysite (d0t) com" (link broken just to limit accidental clicks)

Visiting the site now shows no error!

I'm still investigating, but it appears that the cdn2.editmysite is third party software which is a fundamental part of Weebly, rather than anything I've inadvertently added. I'm trying to find out what the potential issue is. One analysis I have states
"​Third party content (such as images, JavaScript, or CSS) is loaded from external resources. Despite that for some web applications it can significantly improve loading time, it may also put website visitor's privacy at risk, as information about website visitors become accessible to these third-party content providers. ​Moreover, third-party content delivered via the HTTP channel and not HTTPS may expose your privacy."


The Weebly site is currently http and I do have the ability to change it to https which may improve security, but I'll tread carefully with this in case I irreversibly break something.

--kiloran

kyu66
2 Lemon pips
Posts: 247
Joined: November 14th, 2016, 5:14 pm
Has thanked: 2 times
Been thanked: 131 times

Re: Warning about malware

#200468

Postby kyu66 » February 11th, 2019, 9:46 am

kiloran wrote:
The Weebly site is currently http and I do have the ability to change it to https which may improve security, but I'll tread carefully with this in case I irreversibly break something.

--kiloran

I doubt making the site https would help in this instance of upstream poisoning. Even if the entire chain were https, if the upstream site is compromised then any malware will propagate regardless.

Unfortunately, this type of hack is getting more and more prevalent, e.g. the BA website last year.

torata
Lemon Slice
Posts: 521
Joined: November 5th, 2016, 1:25 am
Has thanked: 203 times
Been thanked: 210 times

Re: Warning about malware

#200961

Postby torata » February 12th, 2019, 10:58 pm

Just happened to notice this thread.

I'm didn't get a warning, but I use ad blockers so wonder if that is why. If cdn2.editmysite is third party software site, then I wouldn't see it and so wouldn't get the warning.

torata


Return to “Financial Software - Discussion”

Who is online

Users browsing this forum: No registered users and 4 guests