McAfee tagging Bullshido as Malware Risk

Not that this is the first time BS lands on radar, but this time the radar is covering a pretty big portion of internet users.

First noticed this with Chrome on Android redirecting most BS pages to a SiteAdvisor warning about content, malicious software, spyware, etc (SiteAdvisor is bundled with Chrome, not Firefox).

So, right now an enormous amount of Android users are probably being warned in big red letters about visiting BS.

Confirmed it also happens if I install SiteAdvisor in Firefox.

This might be due to the fact that BS has exhibited some weird popup behavior lately…I noticed a few times using Chrome, it would pop up installation offers for shady looking games. Now this.

[QUOTE=W. Rabbit;2852097]Not that this is the first time BS lands on radar, but this time the radar is covering a pretty big portion of internet users.

First noticed this with Chrome on Android redirecting most BS pages to a SiteAdvisor warning about content, malicious software, spyware, etc (SiteAdvisor is bundled with Chrome, not Firefox).

So, right now an enormous amount of Android users are probably being warned in big red letters about visiting BS.

Confirmed it also happens if I install SiteAdvisor in Firefox.

This might be due to the fact that BS has exhibited some weird popup behavior lately…I noticed a few times using Chrome, it would pop up installation offers for shady looking games. Now this.[/QUOTE]

I am bringing this up with Phrost. Thanks.

Every now and then some crappy ads sneak through, but honestly, I suspect this is more about people disingenuously reporting the site as a DOS attempt.

[QUOTE=Phrost;2852123]Every now and then some crappy ads sneak through, but honestly, I suspect this is more about people disingenuously reporting the site as a DOS attempt.[/QUOTE]

No. People wouldn’t do something like that…on the internet?

[QUOTE=Phrost;2852123]Every now and then some crappy ads sneak through, but honestly, I suspect this is more about people disingenuously reporting the site as a DOS attempt.[/QUOTE]

For a while Chrome would get redirected to another website with a request to install a gem-smashing game. It was an accident I was even using Chrome and caught this, people I usually don’t use that browser for anything. After about a week of that, these McAfee messages began appearing instead, so it seems related. Siteadvisor is collecting data from many, many, many Chrome installations…and there you have it.

Pretty sure was occurring via javascript, since it wasn’t happening on my usual, nonjavascripting browser…

Are you sure you don’t just have some sort of redirect virus/plug in?

[QUOTE=goodlun;2852460]Are you sure you don’t just have some sort of redirect virus/plug in?[/QUOTE]

I’ve tested this on several devices. Anything using McAfee is blocking and flagging BS with nasty red warnings.

Some quick guesstimates I’d say easily a billion+ devices could be blocking BS right now due to this, depending on their browser.

It’s intermittent, and it seems to be improving, and the warnings above are for specific threads.

Got around to building a Win 7 SP1 x64 machine with Firefox & Chrome and installed Site Advisor. I had no issues with Bullshido. Must of been a malicious ad that has since been removed.

[QUOTE=Plasma;2852477]Got around to building a Win 7 SP1 x64 machine with Firefox & Chrome and installed Site Advisor. I had no issues with Bullshido. Must of been a malicious ad that has since been removed.[/QUOTE]

Do a search for “Trollshido”, lol using SiteAdvisor.

“Uh, everything’s under control. Situation normal…”

Soo…still a big problem, particularly with any mobile devices relying on McAfee (or others potentially) in any way, including millions of devices utilizing carrier-provided browser security software. AND it’s very obvious when I use Chrome on Android to visit specific threads in either the MMA or Traditional forum.

Numerous individual threads seem to be causing unwanted redirection, and are getting caught and tagged by SiteAdvisor.
Something is trying to redirect my phone to random websites whenever I click on a link that runs the showthread.php script… but the bundled Siteadvisor software keeps blocking it and warning me with the “Warning: Dangerous Site”, and the exact warning is tied to “bullshido.net/forums/showthread.php” script itself.

Siteadvisor has categorized this explicit script on Bullshido as malicious, and it’s very possible those malicious redirects are ongoing, since sometimes I can see the domain it’s redirecting me to BEFORE I get re-redirected to my wireless carrier’s Siteadvisor warning.

So…don’t just go by what your desktop/laptop says when you install SiteAdvisor.

This is more or less a problem for the millions of consumer devices, and since carriers are now bundling these site blockers with their canned security software…BS is losing a shit ton of traffic, I guarantee it.

A Google search for “bullshido.net/forums/showthread” in Firefox reproduces the issue for recent threads. I’m trying to nail down the exact domains it’s redirecting to, but the issue itself seems tied to showthread.php. Possibly code injection of some sort going on here, and it’s still going on.

This Siteadvisor report shows the root of the problem. The TOP level domain and numerous paths are OK, but showthread.php got tagged at some point, and is still tagged.

https://www.siteadvisor.com/sites/www.bullshido.net/forums/showthread.php

Not 100% sure if it should still be tagged, I’d have to start capturing traffic, and I don’t want to, because I’m a bad person.