• "Spreading the ideas of freedom loving people on matters regarding high finance, politics, constructionist Constitution, and mental masturbation of all types"

MALWARE Embedded On GIM

newmisty

Splodey-Headed
Midas Member
Site Supporter ++
Joined
Mar 31, 2010
Messages
24,790
Likes
34,764
Location
Qmerica
#1
I've read that malware can be embedded in a site to direct traffic away from search results and users.
Was performing a search when I encountered the red warning page where I had to click DETAILS and then CONTINUE TO VISIT UNSAFE SITE to carry on.

Just an FYI FWIW

1546465713029.png
 

EricTheCat

Gold Member
Gold Chaser
Sr Site Supporter
Joined
Apr 2, 2010
Messages
1,140
Likes
2,483
Location
Southern MN
#2
Interesting. Does it do this for the whole site for you? Normally I see that if Chrome does not trust the certificate for a site. Chrome on my PC does not complain and shows a valid certificate through 1/29, FWIW.
 

newmisty

Splodey-Headed
Midas Member
Site Supporter ++
Joined
Mar 31, 2010
Messages
24,790
Likes
34,764
Location
Qmerica
#4
Interesting. Does it do this for the whole site for you? Normally I see that if Chrome does not trust the certificate for a site. Chrome on my PC does not complain and shows a valid certificate through 1/29, FWIW.
Once I got to that first warning screen the whole site showed it as pictured. Once I closed thar tab the other tabs are still without any such warning or message.
 

EricTheCat

Gold Member
Gold Chaser
Sr Site Supporter
Joined
Apr 2, 2010
Messages
1,140
Likes
2,483
Location
Southern MN
#5
Once I got to that first warning screen the whole site showed it as pictured. Once I closed thar tab the other tabs are still without any such warning or message.
So it no longer shows https as crossed out? If so, I don't know what to tell you. :)
 

Irons

Deep Sixed
Sr Site Supporter
Mother Lode
Joined
Mar 30, 2010
Messages
29,046
Likes
51,766
#7
Misty's device has gremlins!


No warning screen here. EDIT: so far
 

newmisty

Splodey-Headed
Midas Member
Site Supporter ++
Joined
Mar 31, 2010
Messages
24,790
Likes
34,764
Location
Qmerica
#8
Misty's device has gremlins!


No warning screen here. EDIT: so far
Now that you mention it, the strange thing was that it only started after reaching a certain page in the Q thread.
 

newmisty

Splodey-Headed
Midas Member
Site Supporter ++
Joined
Mar 31, 2010
Messages
24,790
Likes
34,764
Location
Qmerica
#10

TomD

It blowed up, y'all
Site Supporter
Platinum Bling
Joined
Mar 30, 2010
Messages
4,109
Likes
5,350
Location
Florida Panhandle
#11

michael59

heads up-butts down
Sr Site Supporter
Platinum Bling
Joined
Apr 1, 2014
Messages
10,195
Likes
6,388
Location
on the low side of corporate Oregon
#13
What was it that happened to me a while ago? Some wired grey screen that intimated I did not....crap gona have to look for it.... K gots it. and, this is what I sent Scorpio because of it:
so a crazy thing happened on my way to GIM2. As I typed in Goledismoney2.com I instantly received a "Your account has been suspended." Yeah. So I did it again and the same thing. So I hit one of the earth is flat thingys that poke up when I type in gim2 and logged in that way.

Am I banned or is them pesky alphabetts f'n with me? Look I can take a sit down or an out and out ban but dammit if I am going to let the alpha-butts f with me. I have a friend who I cant call because the fbi is fucking with his phone so I do understand as I can text him and he can call me but when I call, his number is out of order.

Fuck its amazing; real life don't get any better than this...shit hollieweed has no clue.

yep that is how it happened that day.
 

techguy2

Meh
Gold Chaser
Joined
Mar 30, 2010
Messages
1,794
Likes
1,371
#14
The issue appears to be that there is insecure content being displayed within the page. I.e. the URL for the site IS https:// but there are certain images that are only http:// hence the warning that the site is unsafe. Chrome/Firefox/Edge, etc, are now displaying warnings for sites that are not fully https://

The SSL/TLS cert for the site is valid. There is no malware, just some site configuration settings that would need to be tweaked.

.02
 

techguy2

Meh
Gold Chaser
Joined
Mar 30, 2010
Messages
1,794
Likes
1,371
#15

the_shootist

Midas Member
Midas Member
Midas Supporter
Joined
May 31, 2015
Messages
32,519
Likes
42,446
#16
PS> appears to be this:

http://www.kitconet.com/images/sp_en_6.gif

At least that's the first one I found.

If the mods would change the http on the kitco spot price, it would solve at least that issue. I checked and it does respond to https.

should be: https://www.kitconet.com/images/sp_en_6.gif
Yep, makes sense. I still had an SSL connection in my address bar and checked to see the SSL certificate for GIM is still valid until the end of the month. I didn't do much more investigating beyond that. Good job with the troubleshooting!
 

Strawboss

Home Improvement Sales Trainee...
Gold Chaser
Site Supporter
Joined
Mar 31, 2010
Messages
4,767
Likes
8,125
#17
I have mentioned more than once the downside to our fearless leader retaining the services of a certain "Mr. Awan" for our hosting/IT related issues...

But our fearless leader appears to be adamant about procuring the services specifically from a certain "Mr. Awan"...
 

Libertaurum

Freedom First
Platinum Bling
Joined
Apr 2, 2010
Messages
4,271
Likes
3,109
#18
Come on, admit it... You'd be a little disappointed if GIM showed up as "Totally Safe, Bring the Childrins".
 

Scorpio

Скорпион
Founding Member
Board Elder
Site Mgr
Midas Supporter
Joined
Mar 25, 2010
Messages
27,910
Likes
35,452
#19
The issue appears to be that there is insecure content being displayed within the page. I.e. the URL for the site IS https:// but there are certain images that are only http:// hence the warning that the site is unsafe. Chrome/Firefox/Edge, etc, are now displaying warnings for sites that are not fully https://

The SSL/TLS cert for the site is valid. There is no malware, just some site configuration settings that would need to be tweaked.
tech,

your fix to the kitco ticker has been completed,
that line item in page container is changed to https

one thing guys to remember, is that as content is brought here from other places, cut and pasted, it brings its properties with it

much of our database has images and the like that are not https,
and I have found that it does affect us some in the big picture.

don't know if I am totally right on that, but it was my result from looking into this prior,

the kitco thing updates all the time, so is constantly feeding the expired http and was a great catch. Always assumed the kitco would stay up to date.

my bad on that one for sure
 

the_shootist

Midas Member
Midas Member
Midas Supporter
Joined
May 31, 2015
Messages
32,519
Likes
42,446
#20
tech,

your fix to the kitco ticker has been completed,
that line item in page container is changed to https

one thing guys to remember, is that as content is brought here from other places, cut and pasted, it brings its properties with it

much of our database has images and the like that are not https,
and I have found that it does affect us some in the big picture.

don't know if I am totally right on that, but it was my result from looking into this prior,

the kitco thing updates all the time, so is constantly feeding the expired http and was a great catch. Always assumed the kitco would stay up to date.

my bad on that one for sure
In the grand scheme of things nobody died Scorp. Unless you do this stuff for a living and devote to it full time, it's not easy keeping up with all the little nuances of managing a website. Thanks for caring man!!
 

hammerhead

Morphing
Gold Chaser
Sr Site Supporter
Joined
Feb 22, 2012
Messages
7,171
Likes
8,282
Location
On a speck of dust
#21
tech,

your fix to the kitco ticker has been completed,
that line item in page container is changed to https

one thing guys to remember, is that as content is brought here from other places, cut and pasted, it brings its properties with it

much of our database has images and the like that are not https,
and I have found that it does affect us some in the big picture.

don't know if I am totally right on that, but it was my result from looking into this prior,

the kitco thing updates all the time, so is constantly feeding the expired http and was a great catch. Always assumed the kitco would stay up to date.

my bad on that one for sure
2016 election night I pasted a post from dem underpanties. That brought some pop-ups with it.
 

the_shootist

Midas Member
Midas Member
Midas Supporter
Joined
May 31, 2015
Messages
32,519
Likes
42,446
#22
At the end of the day does any of this really matter? All our machines have been compromised and there's not a single thing we can do about it!! We all try to minimize our exposure to our personal data being compromised but we can never eliminate it thanks to TPTB
1546878344097.png
 

michael59

heads up-butts down
Sr Site Supporter
Platinum Bling
Joined
Apr 1, 2014
Messages
10,195
Likes
6,388
Location
on the low side of corporate Oregon
#23
At the end of the day does any of this really matter? All our machines have been compromised and there's not a single thing we can do about it!! We all try to minimize our exposure to our personal data being compromised but we can never eliminate it thanks to TPTB
View attachment 121674
and, that my friends is what they call the NSA key. BUT do not despair this thing can be eliminated. but it is not going to happen with a swhish and a flick. OP-EDS. not sure it is called op-ed but it is what is used a s logic in calculators and putters. it is the or a simi transitor that has an input and a negative with a variance(my word) to control the out put which is an unimaginable gain. this is something that should not happen but does.

this is fed in, in loops of nodial value and when acreddited it's value dings a report on the op-ed of the NSA, thus it is hard wired in. Hellow welcome to the dick you as I can web. NO not me them.