Gunbroker Probably Hacked

[drcook]

Be aware, Gunbroker has probably been hacked. I put a post up on Shotgun World letting people know that something was going on and others are now responding back that they had the same page diversions and did what I did, ie: turned off machine.

If your are in doubt that something got through

you can double check your machines, over and above your current anti-virus by going here:

http://housecall.trendmicro.com/

Dave

 

[blarby]

I'm not getting any redirects, can you elaborate ?

 

[MikeJackmin]

Seems to be OK for me now.

 

[DeepSouth]

Working normal for me as well.

 

[Mitlov]

It freaked out for me yesterday and directed me to a malicious website (made to look like ransomware, an increasingly-popular and nasty sort of malware, though it wasn't actually ransomware but just a nasty webpage asking you to call a number and give them money to "unlock" your machine). I had to control-alt-delete and force-quit the web browser to get away, but rebooting the machine works too.

 

[il.bill]

Be aware, Gunbroker has probably been hacked. ...

Dave -

Thanks for the warning, but some details and/or specifics would be helpful.

 

[drcook]

this

It freaked out for me yesterday and directed me to a malicious website (made to look like ransomware, an increasingly-popular and nasty sort of malware, though it wasn't actually ransomware but just a nasty webpage asking you to call a number and give them money to "unlock" your machine). I had to control-alt-delete and force-quit the web browser to get away, but rebooting the machine works too.

is what happened today. yesterday it was something else

 

[gunut]

Same thing happened to me...just going to stay away from gunbroker for a couple days hoping they get it straightened out....

BTW drcook....if you could notify a moderator over on 16ga.com. for me...that the site will not let me log on and you cant contact a moderator unless you are logged in.....sort of a catch 22.....I sent two e-mails to the administrator but I don't think the family is monitoring the site..... ..thanks

 

[drcook]

what is your ID over there ? the only person that has access to the site, is the person who helped set it up. he is deleting the spambots that gain access. if you want to tell me your ID, or PM me your ID, I will send him a PM.

 

[ConstitutionCowboy]

It freaked out for me yesterday and directed me to a malicious website (made to look like ransomware, an increasingly-popular and nasty sort of malware, though it wasn't actually ransomware but just a nasty webpage asking you to call a number and give them money to "unlock" your machine). I had to control-alt-delete and force-quit the web browser to get away, but rebooting the machine works too.

Yeah, me too. I had to do the Ctrl-Alt-Delete and shut down the browser in the task manager.

Woody

 

[Bullseye]

I got redirected and got a malwarebytes blocked outbound pop up message while on GB a couple times in the past week. It happened when I typed particular text in lower search bar within the category, not the one on top.
I had to go to Task Manager to shut the browser down as I could not close the page. I immediately ran CCleaner and opened internet options and deleted my cookies and history etc.
Then I ran Windows Defender. No problems found.

 

[AlexanderA]

Same problem here. Task Manager shut it down.

 

[Hairy Clipper]

I have found that it does not happen using Internet Explorer but does happen using Google Chrome.

Just a little something to help you out if it happens to you~ control-alt-delete~
will take you out of it and then you can log off and then log back in to your browser.

 

[CCR]

I think the same thing happened to me the other day.

 

[J-Bar]

What if you are running a MAC?

 

[Mitlov]

What if you are running a MAC?

The website negatively affects the web browser, not the entire OS. If you're running Chrome on your Mac, you probably get the same result as I did with Chrome on my PC. I don't know how Safari (the default web browser on Macs) reacts to the website.

If you get caught by the webpage, making your machine shut down will almost certainly still work. Hold the power button for five seconds if the "shut down" command in the Apple menu doesn't work. I don't know that Apple's OSX has any comparable system to the Windows task manager, so you probably need to reboot the machine.

 

[ConstitutionCowboy]

I have found that it does not happen using Internet Explorer but does happen using Google Chrome.

Just a little something to help you out if it happens to you~ control-alt-delete~
will take you out of it and then you can log off and then log back in to your browser.

I run IE and it happened to me. Could be that the anti-virus software choices might make a difference.

Woody

 

[drcook]

UPDATE on Gunbroker Issue

I received a reply from their site admin today:

It was a bad ad from a network partner, not a virus or malware. It took a while to track down but it has been taken out of the ad network.

 

[rachjake]

Had a redirect also - turned off the computer.

 

[BLB68]

Never allow banner ads. The site can be as honest as the day is long, but they don't control the banner ad companies, and many of those companies have been hacked in the past.

Run Firefox or Chrome with an adblocking plug in (Adblock Plus or Adblock Edge for example). Noscript is a good thing to run too, but requires a lot higher learning curve. Adblock will prevent this type of shenanigans though.

 

[Mad Dawg]

The safest thing anyone can do with their browsing is to be sure that they are using a non-administrator account when browsing, especially with a Windows machine.

A good antivirus is a strong second; being mindful of increased activity on your machine, or redirects, etc is also relevant.

Now, as far as Trend Micro ... I work IT for a corporation; We had something else, and moved to Trend because someone else liked it; after a few years, we found out how bad it can be; it's akin to burying your head in the sand.. We no longer use Trend.. Free reign would be how I would describe Trend. Think hackers & think free reign, and you should get the idea .. Just because someone sells a product does not mean that it's good to go, or that it's worth a single cent. Don't worry, Trend is not the only antivirus on my <crap> list. But it certainly ranks up there as one of the AV products that I would never touch again. If I do touch it, it's only to remove it and install something else..

 

[Orion8472]

Where I work has Trend and I picked up a virus.......even though running a scan showed NO infection of any kind,.....yet it was there and IT had to come scrub it off my machine. Trend SUCKS! But since you brought it up, Mad Dawg, what is a good one to use for my home computer? Right now I have McAfee [came with the computer].

 

[mnrivrat]

GB has a notice on their site indicating it was casued by one of its venders
and that the site had not been hacked.

I'm not a savy computer guy but my machince was certainly effected with shifted data , etc. I am running windows exployer. Nothing I did would correct the problem. Running my Malware and other protection showed nothing.
Whatever it was it came thru GB and once they fixed it I am running the site just fine now.

I was effected for several days. Hope that doesn't happen often.

 

[CoalTrain49]

Each seller must place a payment method (bank account or credit card) on file with us to be able to list items for sale. To place a bank account or credit card on file, go to My GunBroker > My Account > Billing Info and select the add bank account or add credit card link.

This is from their website. GB doesn't have a secure website. I know this because they were hacked and they compromised my account information.

Looks like they were hacked again.

I'll use a site that doesn't require my account information.

YMMV.

 

[drcook]

Antivirus software is only as good as the last person that touched it. I made a very good living mostly patching and repairing software for over 28 yrs fixing other programmer's mistakes. With the exploits today, there is no guarantee. Simply not running an account that lacks "admin rights" is no guarantee. Google it up for yourself.

At any one time, any of the AV programs will let something through or kill your machine itself based on a faulty update. Norton has done it, etc.

I run MacAfee as Time Warner provides it free (this years contract), prior to this it was something else. I run redundant machines with my data backed up across my network, so it doesn't hurt me if I lose one machine but it is an awful aggravation.

I have a hardware firewall running, Windows firewall running, real time scanning, as much as possible, but as long as sites are using ads to bolster their bottom line, and not being careful as to who they allow in, once they are in and running, if the hack is good enough, they got your machine.

A good anti-virus (Google up reviews and read them) along with a good pop up ad blocker/killer will go a long way.

Use this as a Google (or whatever search engine you use) and do some reading "best popup ad blocker". (without the quotes).

I suggested using the Trend Housecall as a double check. It is not a primary antivirus product. It is a one time run to scan your machine as sometimes a good hack can get target your primary AV product.

I have AdBlock Plus installed now as I had gotten out of date since I don't work in the industry anymore. One of the folks on this (or one of the other sites) posted that up. It is working OK so far.