Web Site Infected?

Questions and Answers : Web site : Web Site Infected?
Message board moderation

To post messages, you must log in.

AuthorMessage
Profile doublechaz

Send message
Joined: 17 Nov 00
Posts: 68
Credit: 44,467,380
RAC: 13,376
United States
Message 1796303 - Posted: 15 Jun 2016, 8:27:18 UTC

I'm getting "goodsearch.com" scripts embedded in the seti webpage when I view source. Goodsearch is a wellknown Malware.

It could be on my end, but if I packet sniff my connection for traffic to them I only get it when going to the Seti page.

I'll keep looking from here.
ID: 1796303 · Report as offensive
OzzFan
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15579
Credit: 55,153,687
RAC: 29,091
United States
Message 1796317 - Posted: 15 Jun 2016, 10:03:13 UTC - in response to Message 1796303.  

Goodsearch is not "wellknown malware". SETI@home uses Goodsearch for micro-donations if you use it as a search engine. You can read more about it here, some SETIzens talking about it here, and Project Scientist Dr. Eric Korpela talking about it here.
ID: 1796317 · Report as offensive
Profile doublechaz

Send message
Joined: 17 Nov 00
Posts: 68
Credit: 44,467,380
RAC: 13,376
United States
Message 1796941 - Posted: 17 Jun 2016, 22:55:50 UTC

Perhaps there is more than one goodsearch. The one I'm referring to loads malware into browsers, rewrites traffic and is associated with a group that gets 10 to 12 cents from click-throughs and passes half a cent on to the charity while pocketing the other 11.5 cents.

If it's something that people put here on purpose that's fine. If it is something that got wormed into here, that would be a concern.
ID: 1796941 · Report as offensive

Questions and Answers : Web site : Web Site Infected?


 
©2017 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.