False positive malware warning on CBS News site

Advertisement Hang out, sip some ice tea, and shoot the breeze with TR regulars.

Moderators: emkubed, Captain Ned

Post a reply

False positive malware warning on CBS News site

Postposted on Mon Feb 04, 2013 4:22 pm

Just got this:
Image
Apparently Netseer's corporate web site got hacked. But they also use the same domain to serve out banner ads, so any site that is part of their ad network also triggers the malware warning. (Chome/Chromium apparently use a domain blacklist.)

More info: http://www.thestreet.com/story/11831193 ... tseer.html

Amusingly enough, there's a link in that The Street article to another related article on ZDNet; but the ZDNet article (as of right now) is triggering the very malware warning the article is about!
(this space intentionally left blank)
just brew it!
Administrator
 
Posts: 35193
Joined: Tue Aug 20, 2002 9:51 pm
Location: Somewhere, having a beer
Top

Re: False positive malware warning on CBS News site

Postposted on Mon Feb 04, 2013 5:36 pm

:(

just when I felt that false positives were behind us. forget gun control, where is the virus control act!!! :)
shaq_mobile
Gerbil Elite
 
Posts: 530
Joined: Wed Jul 16, 2008 1:33 pm
Top

Re: False positive malware warning on CBS News site

Postposted on Tue Feb 05, 2013 9:53 am

just brew it! wrote:Just got this:
Apparently Netseer's corporate web site got hacked. But they also use the same domain to serve out banner ads, so any site that is part of their ad network also triggers the malware warning. (Chome/Chromium apparently use a domain blacklist.)


But if they got hacked is it a false positive?

I personally am annoyed by the number of exploits that my AV/IS blocks. Pretty much every single one is linked to a banner ad.
Arvald
Gerbil First Class
 
Posts: 156
Joined: Tue Sep 27, 2011 11:14 am
Location: Gerbil-land, Canada
Top

Re: False positive malware warning on CBS News site

Postposted on Tue Feb 05, 2013 10:13 am

Arvald wrote:
just brew it! wrote:Just got this:
Apparently Netseer's corporate web site got hacked. But they also use the same domain to serve out banner ads, so any site that is part of their ad network also triggers the malware warning. (Chome/Chromium apparently use a domain blacklist.)

But if they got hacked is it a false positive?

I personally am annoyed by the number of exploits that my AV/IS blocks. Pretty much every single one is linked to a banner ad.

The explanation I'm seeing is that the ad network's public web site got hacked, so as long as you don't navigate directly to their site you should be fine. The banner ads they serve are coming out of the same domain, but their ad servers are (allegedly) not affected by the hack. The browser is triggering the warning based on the domain name, without regard for whether the file(s) being served are really infected or not.

At least that's what they're saying publicly. Depending on your level of paranoia you can ignore (or not ignore) your browser's warning as you see fit.
(this space intentionally left blank)
just brew it!
Administrator
 
Posts: 35193
Joined: Tue Aug 20, 2002 9:51 pm
Location: Somewhere, having a beer
Top
Post a reply

Return to The Back Porch

Who is online

Users browsing this forum: Google [Bot], Starfalcon and 7 guests

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group