Why is my Mac being attacked by Adobe Flash on this site?

Discussion in 'General' started by Treviso1, Jan 9, 2019.

  1. zenstat

    zenstat Senior Cymbal Nerd

    Messages:
    3,806
    Likes Received:
    465
    Joined:
    Feb 5, 2012
    Location:
    Auckland New Zealand
    More than that needs attention as regards the software changes from http to https protocols, but yes please do report it. I just noticed it myself (clicking on the header redirects to the wrong address and I am instantly logged out).

    This was reported on November 8 2018 and apparently no fix yet?

    https://www.drumforum.org/threads/http-vs-https.157034/

    Note also that there is a report of emails from the site containing the non secure address. Inconsistent programming/implementation of the change to https.

    I'm on a Mac (os 10.11.6) using Firefox 64.0 and not getting any of these issues with an Adobe popup nor other malware. I'm using the tablet style not the desktop style which helps cut down on the screen real estate devoted to things I am not devoted to: ads, malware, etc.* edit * I thought tablet style might be why I didn't have such a large area devoted to chat, but having switched tabled style off and on again I see that chat uses as much vertical space in either style.
     
    Last edited: Jan 10, 2019
  2. JazzDrumGuy

    JazzDrumGuy DFO Master

    Messages:
    6,797
    Likes Received:
    564
    Joined:
    Feb 16, 2016
    Location:
    Pebble Beach, CA
    I directly type in "drumforum.org" on my 2 PC's = both unsecure. On my Android cell, it is also not secure! When I type it in with the s, all are secure.
     
  3. musiqman

    musiqman Well-Known Member

    Messages:
    476
    Likes Received:
    36
    Joined:
    Feb 8, 2016
    Location:
    Amsterdam, The Netherlands
    Thats why I use Chrome with Adblocker for pop up and download free browsing on my Mac.

    On another forum an item would be downloaded automatically if it wasn’t for my higher security settings in OS.

    This topic does reminds me to check all my bookmarks for htttps-less url’s.
     
  4. Mcjnic

    Mcjnic DFO Veteran

    Messages:
    1,623
    Likes Received:
    319
    Joined:
    Dec 28, 2010
    You know, it does not make sense to put the S in for this particular variable.
    This is for transport layer security. If you doubt the authenticity of this site or if you believe your data is susceptible to an outside nér-do-well WHILE it is being sent from your node to this sites server, then it would make sense. It lacks logic, though. Why would an outside attacker be interested in data packets that contain your opinions on Buddy Rich’s drumming skills?
    To believe that for some reason adding the S will stop a false Adobe pop up ... that’s odd. That is not a data breach attack. That is phishing. The transport layer security really has little impact on phishing. That form requires the node user to lack the wherewithal of when not to click a particular path of communication. We haven’t even broached the topic of certificate trust in this.
    This site is not set up utilizing the secure protocol. Therefore it is only one way security and is still susceptible. There is a breakdown in logic.
    If the addition of the transport layer security stops the pop ups ... then the server itself or your node has an issue with outside attacks. That implies a much deeper issue than simple phishing.
    I’m not onsite and can only see the variables in the open. If I owned the servers, I would do some deep dives into security. I would also consider each individual node that has this experience as a red flag. Do what you will. This is nothing more than an observation from afar.
     
    Last edited: Jan 10, 2019
    EvEnStEvEn likes this.
  5. Rockin' Billy

    Rockin' Billy DFO Veteran

    Messages:
    1,680
    Likes Received:
    122
    Joined:
    Oct 8, 2012
    Location:
    Woodstock N.Y.
    I always get “unsecure site.” Am I doing something wrong?
     
  6. Pounder

    Pounder DFO Master

    Messages:
    11,649
    Likes Received:
    229
    Joined:
    Aug 5, 2005
    Location:
    Norman, OK
    I just tried the https and haven't had any problems yet. Had to switch my bookmark in safari too, and hopefully this fixes the bug. I also had the popup yesterday. Glad I didn't respond to it.
     
  7. Rick

    Rick Well-Known Member

    Messages:
    185
    Likes Received:
    95
    Joined:
    Nov 29, 2018
    Location:
    Atlanta
    Yep. I’m a little embarrassed that I fell for it the first time. Cost me $79 at an Apple dealer store to get that malware removed.
     
  8. drawtheline55

    drawtheline55 Owner/admin Administrator Moderator

    Messages:
    3,573
    Likes Received:
    97
    Joined:
    Jan 31, 2011
    Location:
    Boston
    Hi, it is being looked into, thanks, Ben
     
  9. johnlamond

    johnlamond Voiceover guy

    Messages:
    2,651
    Likes Received:
    41
    Joined:
    Mar 6, 2006
    Location:
    Saber Lane Studio, Buffalo, NY
    Happened to me tonight for the first time. Running a brand new iMac 27. Thank God I have seen this scam many times before on other computers and did not fall for it.
     
  10. funkypoodle

    funkypoodle DFO Veteran

    Messages:
    2,042
    Likes Received:
    208
    Joined:
    May 29, 2013
    Location:
    Québec, Canada
    I ended with this malware/adware on my mac. It's the Bing redirect malware/MacOsCleaner adware, or Genieo & the bugger sinks its teeth everywhere. into those Application Support folders, your Cookies, browsing history & everywhere it can possibly hide. I had to take a few swings at it. I also got rid of any potentially bogus apps, any doubtful browser extensions, any weird boot-up items. Fingers crossed, but I think it's finally squashed & my machine feels like it has twice the RAM. I think I'll finally set up a user session for my daughter. Her Admin privileges have been revoked.
     
  11. drummaman1

    drummaman1 Very well Known Member

    Messages:
    973
    Likes Received:
    77
    Joined:
    Jan 25, 2016
    Location:
    Rochester, NY
    Browsers are dropping support for Flash, especially since HTML 5 can do all of that much more efficiently. Some of the sites I watch news with still use flash, so it's definitely a pain.
     
  12. BennyK

    BennyK DFO Master

    Messages:
    13,744
    Likes Received:
    794
    Joined:
    Aug 6, 2008
    buy yourself a passport and all that will stop
     
  13. Johnny D

    Johnny D Very well Known Member

    Messages:
    527
    Likes Received:
    212
    Joined:
    Jun 3, 2013
    Location:
    Scituate, Mass. USA
    As I said a few weeks ago, it first happened to me last summer and I fell for it. I installed Malwarebytes and got rid of the virus but started getting the Adobe Flash pop up again a few weeks ago. I ignored the pop ups and it seemed to stop until a few days ago when everyone here was reporting it. I followed the advice of changing from http to https and that seems to have remedied the problem. Fingers crossed.
     
  14. Rick

    Rick Well-Known Member

    Messages:
    185
    Likes Received:
    95
    Joined:
    Nov 29, 2018
    Location:
    Atlanta
    Be careful even with the https. That has worked for me for the most part, but I have had two instances where it popped up on https.
     
    Johnny D likes this.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.