Why is my Mac being attacked by Adobe Flash on this site?

Discussion in 'General' started by Treviso1, Jan 9, 2019.

  1. steveblack

    steveblack Senior Cymbal Nerd

    Messages:
    3,671
    Likes Received:
    332
    Joined:
    Feb 5, 2012
    Location:
    Auckland New Zealand
    More than that needs attention as regards the software changes from http to https protocols, but yes please do report it. I just noticed it myself (clicking on the header redirects to the wrong address and I am instantly logged out).

    This was reported on November 8 2018 and apparently no fix yet?

    https://www.drumforum.org/threads/http-vs-https.157034/

    Note also that there is a report of emails from the site containing the non secure address. Inconsistent programming/implementation of the change to https.

    I'm on a Mac (os 10.11.6) using Firefox 64.0 and not getting any of these issues with an Adobe popup nor other malware. I'm using the tablet style not the desktop style which helps cut down on the screen real estate devoted to things I am not devoted to: ads, malware, etc.* edit * I thought tablet style might be why I didn't have such a large area devoted to chat, but having switched tabled style off and on again I see that chat uses as much vertical space in either style.
     
    Last edited: Jan 10, 2019
  2. JazzDrumGuy

    JazzDrumGuy DFO Master

    Messages:
    6,131
    Likes Received:
    323
    Joined:
    Feb 16, 2016
    Location:
    Pebble Beach, CA
    I directly type in "drumforum.org" on my 2 PC's = both unsecure. On my Android cell, it is also not secure! When I type it in with the s, all are secure.
     
  3. musiqman

    musiqman Well-Known Member

    Messages:
    416
    Likes Received:
    21
    Joined:
    Feb 8, 2016
    Location:
    Amsterdam, The Netherlands
    Thats why I use Chrome with Adblocker for pop up and download free browsing on my Mac.

    On another forum an item would be downloaded automatically if it wasn’t for my higher security settings in OS.

    This topic does reminds me to check all my bookmarks for htttps-less url’s.
     
  4. Mcjnic

    Mcjnic Very well Known Member

    Messages:
    1,392
    Likes Received:
    180
    Joined:
    Dec 28, 2010
    You know, it does not make sense to put the S in for this particular variable.
    This is for transport layer security. If you doubt the authenticity of this site or if you believe your data is susceptible to an outside nér-do-well WHILE it is being sent from your node to this sites server, then it would make sense. It lacks logic, though. Why would an outside attacker be interested in data packets that contain your opinions on Buddy Rich’s drumming skills?
    To believe that for some reason adding the S will stop a false Adobe pop up ... that’s odd. That is not a data breach attack. That is phishing. The transport layer security really has little impact on phishing. That form requires the node user to lack the wherewithal of when not to click a particular path of communication. We haven’t even broached the topic of certificate trust in this.
    This site is not set up utilizing the secure protocol. Therefore it is only one way security and is still susceptible. There is a breakdown in logic.
    If the addition of the transport layer security stops the pop ups ... then the server itself or your node has an issue with outside attacks. That implies a much deeper issue than simple phishing.
    I’m not onsite and can only see the variables in the open. If I owned the servers, I would do some deep dives into security. I would also consider each individual node that has this experience as a red flag. Do what you will. This is nothing more than an observation from afar.
     
    Last edited: Jan 10, 2019
    EvEnStEvEn likes this.
  5. Rockin' Billy

    Rockin' Billy DFO Veteran

    Messages:
    1,545
    Likes Received:
    62
    Joined:
    Oct 8, 2012
    Location:
    Woodstock N.Y.
    I always get “unsecure site.” Am I doing something wrong?
     
  6. Pounder

    Pounder DFO Master

    Messages:
    11,604
    Likes Received:
    206
    Joined:
    Aug 5, 2005
    Location:
    Norman, OK
    I just tried the https and haven't had any problems yet. Had to switch my bookmark in safari too, and hopefully this fixes the bug. I also had the popup yesterday. Glad I didn't respond to it.
     
  7. Rick

    Rick Well-Known Member

    Messages:
    94
    Likes Received:
    54
    Joined:
    Nov 29, 2018
    Location:
    Atlanta
    Yep. I’m a little embarrassed that I fell for it the first time. Cost me $79 at an Apple dealer store to get that malware removed.
     
  8. drawtheline55

    drawtheline55 Owner/admin Administrator Moderator

    Messages:
    3,529
    Likes Received:
    69
    Joined:
    Jan 31, 2011
    Location:
    Boston
    Hi, it is being looked into, thanks, Ben
     
  9. johnlamond

    johnlamond Voiceover guy

    Messages:
    2,629
    Likes Received:
    30
    Joined:
    Mar 6, 2006
    Location:
    Saber Lane Studio, Buffalo, NY
    Happened to me tonight for the first time. Running a brand new iMac 27. Thank God I have seen this scam many times before on other computers and did not fall for it.
     
  10. funkypoodle

    funkypoodle DFO Veteran

    Messages:
    1,982
    Likes Received:
    163
    Joined:
    May 29, 2013
    Location:
    Québec, Canada
    I ended with this malware/adware on my mac. It's the Bing redirect malware/MacOsCleaner adware, or Genieo & the bugger sinks its teeth everywhere. into those Application Support folders, your Cookies, browsing history & everywhere it can possibly hide. I had to take a few swings at it. I also got rid of any potentially bogus apps, any doubtful browser extensions, any weird boot-up items. Fingers crossed, but I think it's finally squashed & my machine feels like it has twice the RAM. I think I'll finally set up a user session for my daughter. Her Admin privileges have been revoked.
     
  11. drummaman1

    drummaman1 Very well Known Member

    Messages:
    957
    Likes Received:
    63
    Joined:
    Jan 25, 2016
    Location:
    Rochester, NY
    Browsers are dropping support for Flash, especially since HTML 5 can do all of that much more efficiently. Some of the sites I watch news with still use flash, so it's definitely a pain.
     
  12. BennyK

    BennyK DFO Master

    Messages:
    13,562
    Likes Received:
    623
    Joined:
    Aug 6, 2008
    buy yourself a passport and all that will stop
     
  13. Johnny D

    Johnny D Well-Known Member

    Messages:
    477
    Likes Received:
    123
    Joined:
    Jun 3, 2013
    Location:
    Scituate, Mass. USA
    As I said a few weeks ago, it first happened to me last summer and I fell for it. I installed Malwarebytes and got rid of the virus but started getting the Adobe Flash pop up again a few weeks ago. I ignored the pop ups and it seemed to stop until a few days ago when everyone here was reporting it. I followed the advice of changing from http to https and that seems to have remedied the problem. Fingers crossed.
     
  14. Rick

    Rick Well-Known Member

    Messages:
    94
    Likes Received:
    54
    Joined:
    Nov 29, 2018
    Location:
    Atlanta
    Be careful even with the https. That has worked for me for the most part, but I have had two instances where it popped up on https.
     
    Johnny D likes this.

Share This Page