| A témához tartozó oldalak: [1 2 3 4] > | Nov 20 malware incident Téma indítója: Ty Kendall
|
|---|
Ty Kendall 
Egyesült Királyság
Local time: 19:33
héber - angol
I feel like an ex just called me out of the blue..... :-/
Following the weird thing that happened earlier in the week when ProZ.com went all Typhoid Mary on us, has anyone else:
a) received this message:
"This message is to let you know about a service problem that
occurred at ProZ.com on Tuesday morning. ProZ.com's dedicated ad
server was infected with malware around 09:55 GMT. That malware
was active for about four hours, a... See more I feel like an ex just called me out of the blue..... :-/
Following the weird thing that happened earlier in the week when ProZ.com went all Typhoid Mary on us, has anyone else:
a) received this message:
"This message is to let you know about a service problem that
occurred at ProZ.com on Tuesday morning. ProZ.com's dedicated ad
server was infected with malware around 09:55 GMT. That malware
was active for about four hours, after which time ProZ.com's
banner ads were turned off. The direct effect of this malware is
that a site user who visited a page with banner advertisements
could have received content from, or could have been redirected
to, a site other than ProZ.com. This caused alerts to be issued by
some antivirus programs (such as Norton).
You are receiving this alert because the log files indicate that
you may have visited ProZ.com during the period that the malware
was active. Beyond redirects, there have not been any reports of
service interruptions or other consequences from this malware.
However, it is possible that you could have received content from
a site other than ProZ.com, and it is possible that that content
could be malicious. Therefore, in the interest of being cautious,
if you have anti-virus software, it might be a good idea to run a
scan. And if you do not have anti-virus software, you might
consider installing the free Avast anti-virus and/or the free
MalwareBytes anti-malware programs, available from
http://avast.com and http://malwarebytes.org respectively.
For more information about this incident and steps you can take,
please see http://www.proz.com/about/security
If you have any questions, please respond to this message or enter
a support ticket at
http://www.proz.com/support.php?mode=ask&type=abuse
Thank you for using ProZ.com. Please accept our sincere apologies
for any inconvenience this issue may have caused you."
and
b) Had any difficulty with malware as a result of this????
Just thought it would be prudent to compare notes. My anti-virus software is saying everything is fine, but others have told me that this malware can circumvent it.
Anyone else?
[Edited at 2012-11-23 11:21 GMT]
[Subject edited by staff or moderator 2012-11-23 15:19 GMT] ▲ Collapse
| | | | | I received the same message... | Nov 23, 2012 |
... my anti-virus software is saying everything is fine, but I lost my connection to GoToMyPC (I am in Lisbon now)...
| | | | Anna_Furman
Ukrajna
Local time: 21:33
angol - orosz
+ ...
Yea, I've received the same;). I'll check my PC for some problems later. Just now I feel no inconveniences (troubles).
Good luck!
Anna
| | | | Ty Kendall
Egyesült Királyság
Local time: 19:33
héber - angol
TÉMAINDÍTÓ | My computer has been glitchty of late but.... | Nov 23, 2012 |
....it's hard for me to judge because I'm working on an old-ish laptop (I am getting a new one for Christmas ). So I can't tell if it's glitchy because of a damned good virus or just old age.
[Edited at 2012-11-23 11:28 GMT]
| | |
|
|
|
Samuel Murray
Hollandia
Local time: 20:33
Tag (2006 óta)
angol - afrikaans
+ ...
| Who got infected | Nov 23, 2012 |
Ty Kendall wrote:
ProZ.com's dedicated ad server was infected with malware around 09:55 GMT. ... The direct effect of this malware is that a site user who visited a page with banner advertisements could have received content from, or could have been redirected to, a site other than ProZ.com.
Well, I don't think the infection was the type that spread to other computers.
The infection caused certain ProZ.com pages to automatically forward to another site, and such a forwarding action is recognised by anti-virus programs, but it does not actually infect the user's computer. It merely redirects to the user to another site.
| | | | Ty Kendall
Egyesült Királyság
Local time: 19:33
héber - angol
TÉMAINDÍTÓ | Samuel...... | Nov 23, 2012 |
They also say:
However, it is possible that you could have received content from
a site other than ProZ.com, and it is possible that that content
could be malicious.
And I also know for sure that someone had a problem with malware immediately following the incident. (I'm sure they'll be along to recount their experience).
| | | | XXXphxxx (X)
Egyesült Királyság
Local time: 19:33
portugál - angol
+ ...
However, you're the lucky one since I didn't even get this message. I suspected ProZ though. On Tuesday morning, I came to the site and was redirected to some other site giving me my ISP. I thought it was a ProZ glitch and carried on as normal, however, in no time Chrome crashed on me, followed by Word and Outlook and I kept receiving pop-ups asking if information could be relayed to HP, Google etc. I did a full virus scan - nothing, but it was clear that things weren't right. I rang McAfee, wen... See more However, you're the lucky one since I didn't even get this message. I suspected ProZ though. On Tuesday morning, I came to the site and was redirected to some other site giving me my ISP. I thought it was a ProZ glitch and carried on as normal, however, in no time Chrome crashed on me, followed by Word and Outlook and I kept receiving pop-ups asking if information could be relayed to HP, Google etc. I did a full virus scan - nothing, but it was clear that things weren't right. I rang McAfee, went through two technicians who couldn't fix the issue, the malware kept reproducing itself and couldn't be cleared. I had to wait 24 hours for a "senior technician" to clear the issue. It took him just under 2 hours, so 4 hours and 41 min in total spent on this and I missed 3 excellent jobs as I was reluctant to take on new work until the issue got resolved for fear of letting clients down. I do have other computers to use as back-up but time spent on the 'phone with technicians has a tendency to eat away at your schedule. Thank you ProZ! ▲ Collapse
| | | | | One of the (many) good reasons for going Mac | Nov 23, 2012 |
All my solidarity to PC users having hard times : (
| | |
|
|
|
Shai Navé
Izrael
Local time: 21:33
angol - héber
+ ...
| Some suggestions | Nov 23, 2012 |
Like Samuel, I am also doubtful that the redirection resulted in direct infection of the computer, unless the user has downloaded, installed or at least approved something from the malicious site.
However, since some users report issues immediately after that redirection, and because no more in-depth details about the infection are available, I guess that it is possible.
I suggest the following:
1) Run an AV scan from a bootable media. Developers such as Avira, Avast, AV... See more Like Samuel, I am also doubtful that the redirection resulted in direct infection of the computer, unless the user has downloaded, installed or at least approved something from the malicious site.
However, since some users report issues immediately after that redirection, and because no more in-depth details about the infection are available, I guess that it is possible.
I suggest the following:
1) Run an AV scan from a bootable media. Developers such as Avira, Avast, AVG and others (check your AV brand of choice website to see it they made such version available) offer a version of their product that can be run "outside" the OS from a bootable media (CD or USB flash drive). This is preferable over running a scan with the existing AV because some malware can "hide" from and even disable the resident AV.
2) Run a malware scan with a designated tool such Malwarebytes antimalware and Superantispyware.
3) Run an Hijackthis scan and analyze the log in http://www.hijackthis.de/ (download the file from the top right corner of this webpage). This is mostly for browser hijacking but can also point in the direction of connectivity issues. It is a little less user-friendly than what one might expect, but recommended nonetheless.
3) Check your Firewall log for any suspicious activity, especially for unknown softwares that try to "dial home".
This is the basic first response steps that I recommend taking in case of suspicion (or just for good measure).
[Edited at 2012-11-23 12:39 GMT] ▲ Collapse
| | | | Maria Arruti
Spanyolország
Local time: 20:33
Tag (2012 óta)
francia - spanyol
+ ...
I received that message yesterday, and afterwards I got a blue screen error twice. I hope the one has nothing to do with the other...
| | | | XXXphxxx (X)
Egyesült Királyság
Local time: 19:33
portugál - angol
+ ...
| Quite likely | Nov 23, 2012 |
Maria Arruti wrote:
I received that message yesterday, and afterwards I got a blue screen error twice. I hope the one has nothing to do with the other...
I forgot to add that while in the throes of all these issues I re-booted in an attempt to solve the problem and I also got a blue screen.
| | | | Tom in London
Egyesült Királyság
Local time: 19:33
Tag (2008 óta)
olasz - angol
juliette_K wrote:
All my solidarity to PC users having hard times : (
As a Mac user, I don't get infected. In 10+ years of using Macs I've never had any form of virus. And I hear that Windows 8 is virus-free too (although I don't know if that's true).
[Edited at 2012-11-23 13:41 GMT]
| | |
|
|
|
I got the message from Proz. The day before, like Lisa, when I went to Proz I was redirected to the ISP page. As I didn't understand what it was on about (I'm no tecchie) I just exited from the page and luckily everything seems to have been working normally since - fingers crossed.
Jenny
| | | | | Details about the issue | Nov 23, 2012 |
Details about this issue are available here: http://www.proz.com/about/security
At this time, the only reported problem that is known to be consequence of this issue is that some users were redirected to another site when viewing a banner ad during that 4-hour time period.
I would ask anyone who has evidence that their computer was infected with malware as a result of this is... See more Details about this issue are available here: http://www.proz.com/about/security
At this time, the only reported problem that is known to be consequence of this issue is that some users were redirected to another site when viewing a banner ad during that 4-hour time period.
I would ask anyone who has evidence that their computer was infected with malware as a result of this issue to please submit a support ticket, including logs from an anti-virus scan.
I'm sorry for the inconvenience and alarm this has caused.
Thanks,
Jason ▲ Collapse
| | | | opolt
Németország
Local time: 20:33
angol - német
+ ...
| Not infected -- but watch out | Nov 23, 2012 |
There is no infection on my computer, most likely because I'm on Linux and haven't seen a virus for at least 15 years.
But I did receive the email, and the whole story should serve as a reminder to everyone that servers can get compromised, and the data stored on them can be stolen or tampered with.
I don't know about the details, but there is always the (theoretical) risk that the password database stored on the site gets compromised too, so my advice would be to ne... See more There is no infection on my computer, most likely because I'm on Linux and haven't seen a virus for at least 15 years.
But I did receive the email, and the whole story should serve as a reminder to everyone that servers can get compromised, and the data stored on them can be stolen or tampered with.
I don't know about the details, but there is always the (theoretical) risk that the password database stored on the site gets compromised too, so my advice would be to never use identical passwords for different sites. If e.g. your ProZ password gets stolen and you happen use the same on another site with critical data ... well I guess everyone is getting the point.
I don't do this (i.e. I use different passwords for different sites, storing them in an encrypted database because there are so many of them), but it is a well-known fact that some people use one and the same password across sites because they don't want to remember that many, or don't know how to handle this.
As I said this is all theoretical, but personally I'm of the opinion that given that we don't know anything about the nature of the attack and the way the servers are configured, now is the time to go ahead and change your ProZ password. I changed mine, immediately. ▲ Collapse
| | | | | A témához tartozó oldalak: [1 2 3 4] > | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » Nov 20 malware incident | CafeTran Espresso | You've never met a CAT tool this clever!
Translate faster & easier, using a sophisticated CAT tool built by a translator / developer.
Accept jobs from clients who use Trados, MemoQ, Wordfast & major CAT tools.
Download and start using CafeTran Espresso -- for free
Buy now! » |
| | TM-Town | Manage your TMs and Terms ... and boost your translation business
Are you ready for something fresh in the industry? TM-Town is a unique new site for you -- the freelance translator -- to store, manage and share translation memories (TMs) and glossaries...and potentially meet new clients on the basis of your prior work.
More info » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |
Login to reply/comment 
