Malicious JavaScript - K-Bikes.com - Excellence in Motion
Reply
 
LinkBack Thread Tools Display Modes
post #1 of 12 (permalink) Old Apr 17th, 2014, 4:56 pm Thread Starter
Noob
 
mr_so's Avatar
 
Join Date: Jan 2014
Location: , , UK
Posts: 17
Malicious JavaScript

Am I the only person experiencing the malicious JavaScript which seems to be inserted in the HTML of the main forum overview page just under the Ride Tales forum heading? I can't see how this could be a local issue as I have cleared browser caches etc several times, tried different browsers with the same result and also it is only happening here, not on any other sites

The code makes a popup when the forum is loaded suggesting that one needs to install a patch which is supplied by vBulletin and redirects to mega.co.nz to download "update.exe" which appears to install one of those annoying pretend AV softwares which tell you that you are infected and that you need to pay for the full version to disinfect.

If this is only happening to me does anyone have a suggestion about how and why, I have scanned with various AV and anti-malware scanners and they are coming back with nothing..

2002 K1200RS
mr_so is offline  
Sponsored Links
Advertisement
 
post #2 of 12 (permalink) Old Apr 17th, 2014, 9:45 pm
Senior Member
 
spanky's Avatar
 
Join Date: Aug 2003
Location: Colorado Springs, Colorado,
Posts: 182
me too

No, you're not the only one. It started happening to me today and I'm concerned that this app is plopping itself in front of my access to this site.

Regards,
Randy
'02 RT nacht black
'05 Ducati ST3 black
'06 K12S bumble bee
spanky is offline  
post #3 of 12 (permalink) Old Apr 18th, 2014, 5:59 am Thread Starter
Noob
 
mr_so's Avatar
 
Join Date: Jan 2014
Location: , , UK
Posts: 17
So glad it isn't just me but at the same time sorry to hear it is affecting others..

The only way I can access this site is by OKing the prompt then stopping the rest of the loading process before it redirects me, hopefully now one of the admins can remove the offending script before it finds a victim who follows its advice

2002 K1200RS
mr_so is offline  
Sponsored Links
Advertisement
 
post #4 of 12 (permalink) Old Apr 18th, 2014, 7:16 am
cws
Senior Member
 
cws's Avatar
 
Join Date: Oct 2005
Location: Sydney, NSW, Australia
Posts: 137
Interesting... I'm using "Do Not Track" & "Adblock Plus" so don't see the javascript in the header... but I clicked on the "K-bikes.com" banner and it took me from k-bikes to mega.co.nz... I just killed the page and opened a new window and picked up k-bikes again from my "favourites" list.
Definitely some hack going on... maybe its that fat German guy that lives in NZ used to run Mega-upload...

Chris
Sydney, NSW
2005 Dark Graphite Metallic K1200LT
2005 Orient Blue Metallic K1200GT SE
Ulysses #45310
GS911

cws is offline  
post #5 of 12 (permalink) Old Apr 18th, 2014, 7:52 am
Senior Member
 
spanky's Avatar
 
Join Date: Aug 2003
Location: Colorado Springs, Colorado,
Posts: 182
Quote:
Originally Posted by cws
Interesting... I'm using "Do Not Track" & "Adblock Plus" so don't see the javascript in the header... .
Is this shareware available to us common folk?

Regards,
Randy
'02 RT nacht black
'05 Ducati ST3 black
'06 K12S bumble bee
spanky is offline  
post #6 of 12 (permalink) Old Apr 18th, 2014, 8:53 am
Senior Member
 
stokester's Avatar
 
Join Date: Oct 2010
Location: Yorktown, VA, USA
Posts: 163
Quote:
Originally Posted by spanky
Is this shareware available to us common folk?
Free
https://www.abine.com/index.html

Nick
1993 K75S
1991 R100RT
1982 Yamaha XJ650RJ Seca
1978 R100S
stokester is offline  
post #7 of 12 (permalink) Old Apr 18th, 2014, 2:53 pm
Administrator
 
admin's Avatar
 
Join Date: Feb 2011
Location: Toronto, ON, Canada
Posts: 72
Garage
Hello,

I have sent a report to the tech department and they will look into this pop up. Thank you for bringing it to my attention!

Sorry for the inconvenience everyone!

~km community support
admin is offline  
post #8 of 12 (permalink) Old Apr 21st, 2014, 8:59 am
Administrator
 
admin's Avatar
 
Join Date: Feb 2011
Location: Toronto, ON, Canada
Posts: 72
Garage
Thanks for reporting. This issue has been fixed.

~ Alan
admin is offline  
post #9 of 12 (permalink) Old Apr 30th, 2014, 9:01 am
Addict
 
Join Date: Mar 2004
Location: , , UK
Posts: 3,750
This is a serious Forum Hijack attempt

I am seeing another malicious hijack attempt NOW and confirmed it on two PC's and two browsers.

The popup appears as soon as you enter the Forum URL, but it is not there when you Go to www.K-Bikes.com.

The message is "Try our new K-bikes Toolbar and navigate the site faster with free premium access for 30 days."

If you access the Forum URL using Firefox you get the popup but there is no close button so you are stuck with 'accept' or you cannot access the forum

If you access the Forum URL using ieExplorer you get the same popup window message but there is a close option. After about 30 seconds the popup keeps coming back as a nag screen.

This is really nasty because all K-Bike members may experience the problem. I suspect a browser hijack. After the malware free premium access times out 30 days you will probably be denied Forum access unless you pay money. They could even be routing the Forum URL through their proxy server.

Sorry Admins (I'm an admin too!) But I am not accepting the malware popup and have my browser hijacked until this serious security problem is fixed.

The problem with the popup message is it gives an impression the K-Bikes Forum is about to become subscription based to access it. That might seem a cool way of raising funds!


Therefore I will be offline for the time being, so please try to fix it soon!

I sent you an email too.



Never pay again for live sex! | Hot girls doing naughty stuff for free! | Chat for free!

Last edited by voxmagna; Apr 30th, 2014 at 9:06 am.
voxmagna is offline  
post #10 of 12 (permalink) Old May 5th, 2014, 8:20 am Thread Starter
Noob
 
mr_so's Avatar
 
Join Date: Jan 2014
Location: , , UK
Posts: 17
I wonder if it might be a good idea to start a new thread as this one doesn't seem to be being noticed any more. I am seeing the same issue again but with the results as voxmagna says above rather than those mentioned in my original post.

2002 K1200RS
mr_so is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the K-Bikes.com - Excellence in Motion forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in










Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome