Quote:
Originally Posted by GentlemanCaller007
Interesting technique eholiday! So you are redirecting the script action away from the URL and back toward your own PC. Don't you still get web page errors and such when it can't find the script or resources on your local machine?
Norton is nice. It just blocks those requests, shows me a fade-away notice (like Outlook telling you that you have an email) and then goes away. I don't have to do anything and it doesn't stop me from doing what I want. It just blocks the "extra" code.
|
The code is coming through one of the rotating ads that is loading on the site I believe. The redirection is only for the payload of the infection. I'm not seeing script errors or page can't be displayed etc. I've been browsing and refreshing ECCIE all day since making the change. I did enable my the ad blocker plus plug in-for Firefox though, so that may be preventing the errors from displaying. The adblocker by itself did not correct the problem FYI.
I've seen this type of thing with a bunch of other sites in the past. The companies that provide the banner ads get hacked or don't check the ads they are publishing, which causes the sites that subscribe to their service to spread the infection. Pirate Bay, engadget, CNN, have all been hit like this in the recent past.