Why is my Mac being attacked by Adobe Flash on this site?

zenstat

Senior Cymbal Nerd
Joined
Feb 5, 2012
Messages
3,905
Reaction score
631
Location
Auckland New Zealand
I updated my bookmark, thanks.... I notice though that if I click on the dfo logo to get back home it redirects to a non secure version....I'll let Ben know maybe need to be redirected
More than that needs attention as regards the software changes from http to https protocols, but yes please do report it. I just noticed it myself (clicking on the header redirects to the wrong address and I am instantly logged out).

This was reported on November 8 2018 and apparently no fix yet?

https://www.drumforum.org/threads/http-vs-https.157034/

Note also that there is a report of emails from the site containing the non secure address. Inconsistent programming/implementation of the change to https.

I'm on a Mac (os 10.11.6) using Firefox 64.0 and not getting any of these issues with an Adobe popup nor other malware. I'm using the tablet style not the desktop style which helps cut down on the screen real estate devoted to things I am not devoted to: ads, malware, etc.* edit * I thought tablet style might be why I didn't have such a large area devoted to chat, but having switched tabled style off and on again I see that chat uses as much vertical space in either style.
 
Last edited:

JazzDrumGuy

DFO Master
Joined
Feb 16, 2016
Messages
7,735
Reaction score
936
Location
Pebble Beach, CA
I directly type in "drumforum.org" on my 2 PC's = both unsecure. On my Android cell, it is also not secure! When I type it in with the s, all are secure.
 

musiqman

Very well Known Member
Joined
Feb 8, 2016
Messages
520
Reaction score
52
Location
Amsterdam, The Netherlands
Thats why I use Chrome with Adblocker for pop up and download free browsing on my Mac.

On another forum an item would be downloaded automatically if it wasn’t for my higher security settings in OS.

This topic does reminds me to check all my bookmarks for htttps-less url’s.
 

Mcjnic

DFO Veteran
Joined
Dec 28, 2010
Messages
2,114
Reaction score
682
You know, it does not make sense to put the S in for this particular variable.
This is for transport layer security. If you doubt the authenticity of this site or if you believe your data is susceptible to an outside nér-do-well WHILE it is being sent from your node to this sites server, then it would make sense. It lacks logic, though. Why would an outside attacker be interested in data packets that contain your opinions on Buddy Rich’s drumming skills?
To believe that for some reason adding the S will stop a false Adobe pop up ... that’s odd. That is not a data breach attack. That is phishing. The transport layer security really has little impact on phishing. That form requires the node user to lack the wherewithal of when not to click a particular path of communication. We haven’t even broached the topic of certificate trust in this.
This site is not set up utilizing the secure protocol. Therefore it is only one way security and is still susceptible. There is a breakdown in logic.
If the addition of the transport layer security stops the pop ups ... then the server itself or your node has an issue with outside attacks. That implies a much deeper issue than simple phishing.
I’m not onsite and can only see the variables in the open. If I owned the servers, I would do some deep dives into security. I would also consider each individual node that has this experience as a red flag. Do what you will. This is nothing more than an observation from afar.
 
Last edited:

Pounder

DFO Master
Joined
Aug 5, 2005
Messages
11,731
Reaction score
278
Location
Norman, OK
I just tried the https and haven't had any problems yet. Had to switch my bookmark in safari too, and hopefully this fixes the bug. I also had the popup yesterday. Glad I didn't respond to it.
 

Rick

Well-Known Member
Joined
Nov 29, 2018
Messages
250
Reaction score
139
Location
Atlanta
I just tried the https and haven't had any problems yet. Had to switch my bookmark in safari too, and hopefully this fixes the bug. I also had the popup yesterday. Glad I didn't respond to it.
Yep. I’m a little embarrassed that I fell for it the first time. Cost me $79 at an Apple dealer store to get that malware removed.
 

funkypoodle

DFO Veteran
Joined
May 29, 2013
Messages
2,114
Reaction score
311
Location
Québec, Canada
I ended with this malware/adware on my mac. It's the Bing redirect malware/MacOsCleaner adware, or Genieo & the bugger sinks its teeth everywhere. into those Application Support folders, your Cookies, browsing history & everywhere it can possibly hide. I had to take a few swings at it. I also got rid of any potentially bogus apps, any doubtful browser extensions, any weird boot-up items. Fingers crossed, but I think it's finally squashed & my machine feels like it has twice the RAM. I think I'll finally set up a user session for my daughter. Her Admin privileges have been revoked.
 

drummaman1

Very well Known Member
Joined
Jan 25, 2016
Messages
978
Reaction score
79
Location
Rochester, NY
Browsers are dropping support for Flash, especially since HTML 5 can do all of that much more efficiently. Some of the sites I watch news with still use flash, so it's definitely a pain.
 

BennyK

DFO Master
Joined
Aug 6, 2008
Messages
14,034
Reaction score
1,028
buy yourself a passport and all that will stop
 

Johnny D

Very well Known Member
Joined
Jun 3, 2013
Messages
615
Reaction score
434
Location
Scituate, Mass. USA
As I said a few weeks ago, it first happened to me last summer and I fell for it. I installed Malwarebytes and got rid of the virus but started getting the Adobe Flash pop up again a few weeks ago. I ignored the pop ups and it seemed to stop until a few days ago when everyone here was reporting it. I followed the advice of changing from http to https and that seems to have remedied the problem. Fingers crossed.
 

Rick

Well-Known Member
Joined
Nov 29, 2018
Messages
250
Reaction score
139
Location
Atlanta
As I said a few weeks ago, it first happened to me last summer and I fell for it. I installed Malwarebytes and got rid of the virus but started getting the Adobe Flash pop up again a few weeks ago. I ignored the pop ups and it seemed to stop until a few days ago when everyone here was reporting it. I followed the advice of changing from http to https and that seems to have remedied the problem. Fingers crossed.
Be careful even with the https. That has worked for me for the most part, but I have had two instances where it popped up on https.
 


Top