• Welcome to BirdForum, the internet's largest birding community with thousands of members from all over the world. The forums are dedicated to wild birds, birding, binoculars and equipment and all that goes with it.

    Please register for an account to take part in the discussions in the forum, post your pictures in the gallery and more.
ZEISS DTI thermal imaging cameras. For more discoveries at night, and during the day.

Fatbirder - site safety/security concerns (1 Viewer)

Hi Ash, thanks for taking the time to respond and put your head above the parapet on a public forum.

Clearly you are not entirely responsible for third party attacks on your widgets and well done you for getting things sorted so quickly. However, the most disconcerting thing is that we only found out when contacted through our website and then via Birdforum we got the details. Others found out because malicious attempts were made to get money out of bank accounts or when their computers died. Given that you knew about this for a while it would have been helpful to have an email in the same way you contact us when there is an update to the ticker widget.

If just one of the visitors to our website had been affected by the trojan we would have gone to great lengths to follow up and apologise and try and sort things out.

Hopefully it's gone for good and fatbirder can get back to being a good resource for birders.

Cheers, Marcus
 
Last edited:
A brief explanation of the issue: Fatbirder uses an open source ad server (one use by a large number of internet webmasters to host ads - openX) anyone using the same resource would have been targeted with the same malicious attack (ie not just fat birder or birding top 500), and have been. As soon as Fatbirder found there was an issue, the adservers were taken down and the malicious code removed, once this was done there was no longer a threat from either site.

Bo attempted to send a mail out last night, to inform people but while the site was blocked his email adresses were also blacklisted so no mail was able to be sent until this morning (when one was sent)

No infection would have gone through the birding top 500 widget, so this will not have inffected other sites. Bo will be sending messages to all members when Google has revisited the top 1000 site, and passed it (although it is clean so no need to worry). for sites blocked by google it is what are called cross-site warnings. Due to birding top 500/1000 having the issues.

To Jeff: When google blocks a page for malware their site claims they inform the webmaster of said site. Unfortunately they did not do this, so until I myself saw the issue with fatbirder.com Bo knew nothing about the problem.

Hope this keeps you all as upto date as poss.

To anyone using OpenX as an ad serve for their sites make sure you have the up to date version, or you may suffer similar issues.
 
Hi, I have also been infected.
Can anyone advise me what to do the files were found on virus scans and appear to be in my virus vault my virus scan is AVG free V 8.5
What happened -brief description was sent to FATBIRDER via link after looking for info on birding for Wales Google had it as a green tick. As soon as I clicked the link a command promt opened I immediately closed this down I then got a warning via AVG to say a Trojan horse had been detected. I clicked heal infection.
Scans since on AVG show VIRUS FOUND C:\WINDOWS\Temp_ex.08exe
HKLM\Software|microsoft\windows\CurrentVersion\run\\sniffer
INFECTION Trojan horse Back Door. Generic12.CBAH
Trojan horse cyptic. APF

I am also getting lots of tracking cookies which are new compared with usual scans including
Yieldmanager
Liveperson

The only difference to my computer is explorer is frequently crashing,
As a non "techy lady" can anyone advise me what to do, this is my first VIRUS-THANK YOU FAT BIRDER!

P.S I am about to go and check my bank details, I am guessing the safest thing is on a different computer!
Regards
 
Delia said:
P.S I am about to go and check my bank details, I am guessing the safest thing is on a different computer!
Regards
Click to expand...

Hopefully AVG did catch everything bad that was downloaded. I would definitely at this time use a different computer for checking on the bank.

Look back at post no 27 in this thread by Howard, click on the link he provided, so that you can be taken to a page with advice on how to handle your computer. It will look daunting at first, but do things one step at a time and you should end up getting through.

Cheers
Niels

PS: could you tell us when you experienced this? Today, a couple of days ago, or when?
 
njlarsen said:
Hopefully AVG did catch everything bad that was downloaded. I would definitely at this time use a different computer for checking on the bank.

Look back at post no 27 in this thread by Howard, click on the link he provided, so that you can be taken to a page with advice on how to handle your computer. It will look daunting at first, but do things one step at a time and you should end up getting through.

Cheers
Niels

PS: could you tell us when you experienced this? Today, a couple of days ago, or when?
Click to expand...

Howard's link isn't working for me... I've sent him a PM about it.

D
 
njlarsen said:
Hopefully AVG did catch everything bad that was downloaded. I would definitely at this time use a different computer for checking on the bank.

Look back at post no 27 in this thread by Howard, click on the link he provided, so that you can be taken to a page with advice on how to handle your computer. It will look daunting at first, but do things one step at a time and you should end up getting through.

Cheers
Niels

PS: could you tell us when you experienced this? Today, a couple of days ago, or when?
Click to expand...

Thanks Niels
I would think it was about 5 days ago.
All the bank stuff seemed OK when I checked on another PC I had made a credit card transaction on my laptop post the problems but so far no problems when I checked this online also
Thanks
 
Fatbirder widget?? I was on their site the other day as a link from Punkbirder, no problems! (Win XP+Firefox)
But whats this 'widget'?
 
I switched from AVG anti-virus after I picked up some (different) malware from a birding blog. (I had to completely reinstall Windows XP from scratch despite a lot of help from Howard.) On his advice I am now using Avast! antivirus and Comodo firewall and haven't had any further probs.
If I understand correctly, which I may not do ;) , Malwarebytes will scan your computer for malware but it may not be enough to remove it. That is where Howard was v. helpful to me, giving me detailed advice on how to get rid of the malware - which I did. The reason I reinstalled Windows in the end was because something funny had happened to AVG and it wouldn't let me uninstall it.
I'm not a techy, so if any of this sounds like twaddle, it probably is.
Ken
 
Is it now safe to go on to the fatbirder website now does anyone know as I also want to put my fatbirder widget back on!?????

Best Wishes Penny:girl:
 
As far as I am aware the site is now okay.
It wasn't the site so much as one of the programs that deliver adverts to the site that was the guilty party.
 
Surreybirder said:
I switched from AVG anti-virus after I picked up some (different) malware from a birding blog. (I had to completely reinstall Windows XP from scratch despite a lot of help from Howard.) On his advice I am now using Avast! antivirus and Comodo firewall and haven't had any further probs.
If I understand correctly, which I may not do ;) , Malwarebytes will scan your computer for malware but it may not be enough to remove it. That is where Howard was v. helpful to me, giving me detailed advice on how to get rid of the malware - which I did. The reason I reinstalled Windows in the end was because something funny had happened to AVG and it wouldn't let me uninstall it.
I'm not a techy, so if any of this sounds like twaddle, it probably is.
Ken
Click to expand...

Yea we had problems with our PC, taking ages to boot and it was AVG updater causing the trouble. Just removed it with AVG uninstaller and putting Avast on instead. (Typing this from my Blackberry)
 
Howard_Hopkinso said:
I feel sorry for both the owners of the website in question and it's users. The rise of the drive by infection really is the most worrying trend. Often, the owners of the site are not aware that anything is wrong, until their members start letting them know.

These types of attacks can happen to anyone unfortunately.

The best advice I can give is until the site is classed as safe, don't visit it.

In the mean time, if you think your computer is infected, please read this thread HERE and post the requested log files once done.
Click to expand...



Anybody know what happened to howardscomputerzone.com website? Ive been trying to access it for several days and all I get is a notice 'that the requested URL is not found on this server.'
 
ehrodz said:
Anybody know what happened to howardscomputerzone.com website? Ive been trying to access it for several days and all I get is a notice 'that the requested URL is not found on this server.'
Click to expand...

Me too. Howard does post here sometimes so let's hope we find out soon.
 
Warning! This thread is more than 14 years ago old.
It's likely that no further discussion is required, in which case we recommend starting a new thread. If however you feel your response is required you can still do so.

Similar threads

dalat
Bird sounds for download? SE Asia
Replies
10
Views
1K
THE_FERN
T
O
Celestron Nature DX warranty
Replies
7
Views
1K
rajas
R
MohoNobilis
Disappointment and Chaos - Back In Hong Kong
Replies
3
Views
762
delia todd
delia todd
SueO
Six Day Texas Trip
Replies
2
Views
580
wolfbirder
wolfbirder
E
Sharm-el-Sheikh, 13-16 December 2023
2
Replies
22
Views
2K
Earnest lad
E

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Back
Top