Parks wrote:Google is showing it too.
Anyone know who runs the PDGA site? Is it possible that it is compromised?
d2 wrote:I posted this in Babble, but realized this is pretty big so I am also posting this here to get better coverage:
Google Chrome & Firefox can no longer be used to effectively visit PDGA->discussions. Chrome & Firefox report the following:Google wrote:Of the 138 pages we tested on the site over the past 90 days, 26 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2011-04-11, and the last time suspicious content was found on this site was on 2011-04-10.
Malicious software includes 7 trojan(s). Successful infection resulted in an average of 1 new process(es) on the target machine.
I went to the site this morning with IE in a clean Virtual Machine that I plan to revert back to clean, and got the following:IE wrote:Internet Explorer has closed this webpage to help protect your computer. A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage.
This tells me that effective today, the PDGA site is still delivering zero day malware!
19% of the PDGA discussion pages that get served deliver zero-day malware:
If you viewed 10 messages on the discussion board with Internet Explorer (32 bit), then you have an 88% chance of currently owning an infected computer.
After 37 messages, then the odds statistically round to 100%.
Your computer is NOT safe even if you are running anti-virus software!
d2 wrote:I was just on the PDGA site, and it is still delivering malware! Do not goto the PDGA site unless you really know what you are doing with computer security!
Here is an informative reply:Kette_Master wrote:So, is there an issue with pdga.com being a malware distributor?
Well, I have an issue with visiting a web site that delivers malware .
When Google states "79 page(s) resulted in malicious software being downloaded and installed without user consent. ", they obviously mean that malware was installed due to content distrubuted directly or indirectly from the site! I would LOVE to know what browsers were actually affected.
Personally, I plan to no longer use the PDGA to pre-register for any tournaments. I have not figured out how I will register for the PDGA next year; because I do not trust the PDGA with my credit card information.
I agree that "MOST LIKELY" the PDGA is using a "third rate" ad server company. I suspect that this company is trying to vet ads that it delivers to ensure that they are malware free; however, that job is really difficult! My guess is Google is doing a better job of vetting the ads. However, that is a guess. AFAIK, the PDGA may not even be capable of accessing their security risks.
I thought that perhaps the PDGA would immediately terminate the ad content based on being called out. However, my system is still getting zero day thrown at it. I hope that they at least look into the legal requirements of reporting security breaches.
BTW, if you think your anti-virus program is keeping you safe, then you would be wrong.
You should also be aware that in the past many people knew immediately when they had malware installed due to browser redirects or "Fake Anti-Virus" software getting installed. However, there is a big shift to "silent malware" that just steals your personal data.
discspeed wrote:We're not owls
Users browsing this forum: No registered users and 0 guests