Go Back   Thor Forums > Thor Community Forums > Forum Admin and Announcements
Click Here to Login
Reply
 
Thread Tools Display Modes
 
Old 11-25-2018, 03:18 PM   #1
Senior Member
 
DenverTransplant's Avatar
 
Brand: Thor Motor Coach
Model: ACE 30.1
State: Colorado
Posts: 375
THOR #5190
popup redirect ads

I’ve been getting all sorts of the ‘Congratulations Amazon User” and similar scam redirects for the past few days. These scam redirects are due to the web pages being hacked and come from the web site server. Administrators you need to get your website scrubbed.
Attached Thumbnails
Click image for larger version

Name:	5A972526-50F4-4E2E-8A80-75154A8012AB.jpg
Views:	106
Size:	140.4 KB
ID:	14291  
__________________

__________________
Rick
2017 Thor ACE 30.1
2017 Jeep Cherokee Trailhawk
Roadmaster Falcon All Terrain
RVi Brake 3
DenverTransplant is offline   Reply With Quote
Old 11-25-2018, 03:27 PM   #2
Senior Member
 
Brand: Thor Motor Coach
Model: 22FE
State: New York
Posts: 208
THOR #5330
I'm not getting anything like that.
__________________

__________________
cpmath is offline   Reply With Quote
Old 11-25-2018, 03:45 PM   #3
Senior Member
 
Brand: Thor Motor Coach
Model: Vegas 24.1
State: Florida
Posts: 247
THOR #11784
I'm not getting anything like that either. Being a computer programmer for decades, many malware attacks will simply overwrite whatever page you are trying to go to and there is very little a web site can do to thwart them. The most like cause is "free" programs that the user installs and then has to give over-generous permissions in order to get the "free" program to function. My wife had some issues on a "cleaner" program that would "perform magic", but in reality just presented fancy graphics with tons of ads. Best to start uninstalling the latest programs downloaded, even if in doubt, until the problem goes away. You can always install the legit programs later. Googling will also help decide which is the legit programs, etc.
__________________
RVMichael is offline   Reply With Quote
Old 11-25-2018, 03:46 PM   #4
Senior Member
 
Brand: Thor Motor Coach
Model: Axis 24.1
State: Florida
Posts: 611
THOR #4366
Me either; run malware bytes on your computer.
__________________
2016 Axis 24.1 E-450 6 spd tranny
300 watts portable solar.
200 watts solar on the roof.
Wrangler JK dinghy
scrubjaysnest is offline   Reply With Quote
Old 11-25-2018, 03:56 PM   #5
Axis/Vegas Enthusiast
 
JamieGeek's Avatar
 
Brand: Thor Motor Coach
Model: Axis 24.1
State: Michigan
Posts: 8,190
THOR #1150
Quote:
Originally Posted by scrubjaysnest View Post
Me either; run malware bytes on your computer.
This!

Here is a link: https://www.malwarebytes.com/

Many times you visit a different website and it installs stuff to make any website look like its been hacked, or, as mentioned above, you've installed some freeware that put something on your computer.
__________________
2014 Thor Axis 24.1
2018 Chevy Bolt
blog - https://spareelectrons.wordpress.com/
JamieGeek is offline   Reply With Quote
Old 11-25-2018, 04:22 PM   #6
Senior Member
 
DenverTransplant's Avatar
 
Brand: Thor Motor Coach
Model: ACE 30.1
State: Colorado
Posts: 375
THOR #5190
These problems are showing up on a iPad, which is supposed to be pretty bullet proof when it comes to local hacking. Everything Iíve read to date has indicated that the source of these ďCongratulations...Ē malware has been bad guys managing to insert their code into web pages at the source server level where the server hasnít been properly patched. Iíve done a bit more reading, and it seems that they also manage to insert forced redirects at the browser level. Iíll try resetting Safari and, but the worst case will be restoring the iPad to factory defaults and loading in only the apps I really use.

https://mashable.com/2018/04/03/cong.../#uLDHirNCnGq1
__________________
Rick
2017 Thor ACE 30.1
2017 Jeep Cherokee Trailhawk
Roadmaster Falcon All Terrain
RVi Brake 3
DenverTransplant is offline   Reply With Quote
Old 11-25-2018, 04:28 PM   #7
Senior Member
 
Brand: Thor Motor Coach
Model: outlaw 37ls
State: Europe
Posts: 230
THOR #6831
Quote:
Originally Posted by denvertransplant View Post
these problems are showing up on a ipad, which is supposed to be pretty bullet proof when it comes to local hacking. Everything iíve read to date has indicated that the source of these ďcongratulations...Ē malware has been bad guys managing to insert their code into web pages at the source server level where the server hasnít been properly patched. Iíve done a bit more reading, and it seems that they also manage to insert forced redirects at the browser level. Iíll try resetting safari and, but the worst case will be restoring the ipad to factory defaults and loading in only the apps i really use.

https://mashable.com/2018/04/03/cong.../#uldhirncngq1
for mac uses go to " activity monitor" you can also find bots there
__________________
captmetal is offline   Reply With Quote
Old 11-25-2018, 05:28 PM   #8
Senior Member
 
The_Breeze's Avatar
 
Brand: Thor Motor Coach
Model: Chateau 31L
State: Florida
Posts: 586
THOR #12189
Quote:
Originally Posted by JamieGeek View Post
This!

Here is a link: https://www.malwarebytes.com/

Many times you visit a different website and it installs stuff to make any website look like its been hacked, or, as mentioned above, you've installed some freeware that put something on your computer.
CNet is famous for this. You really have to remember one thing: nothing is 'free'. It'll always cost you 'something' - even if it's just ads buried in the middle of the apps presentation. This forum does that too. It's not 'free' (per se).
The_Breeze is offline   Reply With Quote
Old 11-25-2018, 07:05 PM   #9
Axis/Vegas Enthusiast
 
JamieGeek's Avatar
 
Brand: Thor Motor Coach
Model: Axis 24.1
State: Michigan
Posts: 8,190
THOR #1150
Quote:
Originally Posted by RvEd View Post
CNet is famous for this. You really have to remember one thing: nothing is 'free'. It'll always cost you 'something' - even if it's just ads buried in the middle of the apps presentation. This forum does that too. It's not 'free' (per se).
I've frequently used Malwarebytes and never seen an ad.

In addition, with "Ad Block Plus" installed in Chrome, I rarely see ads on this site either.
__________________
2014 Thor Axis 24.1
2018 Chevy Bolt
blog - https://spareelectrons.wordpress.com/
JamieGeek is offline   Reply With Quote
Old 11-25-2018, 08:04 PM   #10
Senior Member
 
TurnerFam's Avatar
 
Brand: Thor Motor Coach
Model: Palazzo 33.3 34'bunkhouse
State: Alabama
Posts: 1,823
THOR #4735
I see this too, but only while on my iphone, and not only this forum, but also ForestRiver forums, too.
__________________
the Turners
'14 Palazzo 33.3 bunkhouse 34' diesel
KingTailgater2 Dish HD, 100w/5a SOLAR, BlueOx
100,000+mi since '14 - US, Alaska, Canada.... was WC Georgia, then W NorthCarolina, now Lacey's Spring, AL : )
TurnerFam is offline   Reply With Quote
Old 11-25-2018, 09:13 PM   #11
Senior Member
 
The_Breeze's Avatar
 
Brand: Thor Motor Coach
Model: Chateau 31L
State: Florida
Posts: 586
THOR #12189
Quote:
Originally Posted by JamieGeek View Post
I've frequently used Malwarebytes and never seen an ad.
In addition, with "Ad Block Plus" installed in Chrome, I rarely see ads on this site either.
Here as well. It also solved the 'fake' ransom ware splash page I used to get before I installed it.

The web pages here aren't hacked. The ads are. The ad is displayed on the page and BAMM: entry point to the web page to launch their code.

Best of all, from their point of view, the ads 'deliver' their code to various web sites. They don't even have to sit there trying to hack a web page or the server it sits on. The ads serve up their code for them.

Pretty smart, if you give it some honest thought. Infect a trusted source (or owners who just don't care) and it'll deliver your malicious code to millions of web site.


FYI ad-block plus can be used on iPhone or Android, though not as comprehensive.
The_Breeze is offline   Reply With Quote
Old 11-25-2018, 09:24 PM   #12
Senior Member
 
DenverTransplant's Avatar
 
Brand: Thor Motor Coach
Model: ACE 30.1
State: Colorado
Posts: 375
THOR #5190
Iíve been using Crystal add blocker, and the discussion prompted me to go check it. I found it disabled, which I may have done at some time, or the IOS 12 update did it for me. I also found Ad Block is available for IOS, so Iíve installed that. I do use Ad Block on my Mac and itís been pretty good. Hopefully this will stop the bad guys for now.
__________________
Rick
2017 Thor ACE 30.1
2017 Jeep Cherokee Trailhawk
Roadmaster Falcon All Terrain
RVi Brake 3
DenverTransplant is offline   Reply With Quote
Old 11-26-2018, 02:17 AM   #13
Senior Member
 
Brand: Thor Motor Coach
Model: Four Winds 31E (2019)
State: California
Posts: 241
THOR #12270
some administrator done goofed:
__________________
Diemaster is offline   Reply With Quote
Old 11-26-2018, 09:14 PM   #14
Administrator
 
Janet H's Avatar
 
Brand: Airstream
Model: Overlander
State: Washington
Posts: 474
THOR #2
These are ad related and once your device is cookied up by that company they will be displayed. The solution is to delete cache and cookies and do a restart. It will fix the issue temporarily. Once they start again, you will need to repeat. IOS is especially vulnerable it seems...
__________________
ďYou have brains in your head. You have feet in your shoes. You can steer yourself any direction you choose.Ē -- Dr. Seuss
Janet H is offline   Reply With Quote
Old 11-26-2018, 11:15 PM   #15
Senior Member
 
revjeffrey's Avatar
 
Brand: Thor Motor Coach
Model: Axis 24.1 Windjammer
State: Indiana
Posts: 1,101
THOR #7074
I use The Brave Browser. Brave.com No ads. Fast Only one I use now.
__________________
Rev. Jeffrey 2017 Thor Axis 24.1 E450 Windjammer.
Silver Safe-T-Plus Steering Control
SSF-106-40 SumoSprings Solo Front Bump Stop SSR-107-47 SumoSprings Rear Bump Stop
Hellwig 7718 Front Sway Bar & 7180 Rear Sway Bar
Koni FSD Front Shocks 8805-1042 / Koni FSD Rear Shocks 8805-1043
revjeffrey is offline   Reply With Quote
Old 11-26-2018, 11:19 PM   #16
I Think We're Lost!
 
Bob Denman's Avatar
 
Brand: Still Looking
Model: Tiffin Wayfarer 24 BW
State: New York
Posts: 11,701
THOR #8860
Don't forget to also wear a condom...
__________________

__________________
Good Sam Member 843599689
FMCA Member F473304
Current coach: Tiffin Wayfarer 24 BW
"History shows again and again; how Nature points
out the folly of man..."
Bob Denman is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


» Featured Campgrounds

Reviews provided by

Disclaimer:

This website is not affiliated with or endorsed by Thor Industries or any of its affiliates. This is an independent, unofficial site.




All times are GMT. The time now is 09:46 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Content Relevant URLs by vBSEO 3.6.0 PL2
×