Tomshardware Linking to Fake Malicious Adobe Flash

[turkey3_scratch]

Tomshardware is the only site doing this right now. I keep getting a Javascript confirmation message saying my Adobe Flash is outdated (obviously fake) and needs updated, if you click okay it downloads a fake Adobe flash from a suspicious website. Why is Toms doing this?

No, I did not run the exe, but don't do it people it is fake.

 

[Dark Lord of Tech]

Show me the link , never ever came across that.

 

[SaintsEnd]

Google automagicly keeps adobe flash up to date, #Fail malware. And Yea I got it too, but I just blocked it.

 

[turkey3_scratch]

It seems to have stopped now. It was only when I refreshed a Tomshardware page or went anywhere on Toms. I forget the domain, and it doesn't seem to be in my history (since it took me to a download rather than a webpage). It was something like edownloader27.com or something weird. But it was a pop-up not a link, I should correct myself. Well, a popup that took you to a link if you clicked okay.

I don't think this is anything on my side (i.e. virus) because it only happened on Toms and it specifically read "Tomshardware requires the latest version of Adobe Flash. Yours is outdated".

 

[geofelt]

I get it too.
I am off tom's until it gets resolved.

 

[cleanshot911]

Yeah I got the exact same problem. All I did was go to Adobe's official website and manually install their plugin. When I came back to Toms I stopped having the problem. But yeah you might want to watch out for that and warn people Blackbird. In case you were wondering the link came from esoftsware24.com, so you might want to throw a PSA out there to avoid clicking on anything related to that.

 

[turkey3_scratch]

It should be gone now. Is it gone for you? Obviously it seems to be a minor security breach on Toms, either that or Toms is not getting paid for advertising it that way.

 

[Dark Lord of Tech]

I don't get it , still haven't seen it.

 

[turkey3_scratch]

I don't get it , still haven't seen it.

😛 That's because you missed it! It lasted for like 2 minutes and stopped. What you were doing in those 2 minutes, I am unsure, but apparently not refreshing Toms 100 times like I was :lol:

 

[Dark Lord of Tech]

I'VE BEEN ON THE LAST 2 HOURS , nothing.

 

[turkey3_scratch]

Not sure why you did not get it. Ah, you must have Javascript pop-ups disabled in your browser.

 

[cleanshot911]

I don't get it , still haven't seen it.

Yeah I honestly have no idea what happened, but it doesn't seem to be happening anymore. Not sure if that's something I did to make it stop on my end, but it seems like people aren't running into the problem anymore.

 

[turkey3_scratch]

Now it is linking me to some site that doesn't own a domain, just an IP. I am getting off Toms for now. Not even a popup this time, just opening tabs.

 

[Dark Lord of Tech]

I've been on with a few other Mods for hours , we haven't encountered it.

 

[Deleted member 217926]

It just happened to me in 3 different tabs I had open.

 

[turkey3_scratch]

I've been on with a few other Mods for hours , we haven't encountered it.

Now it is gone again. Weird. Yeah a random "Flash" download appeared in my Chrome download bar. Fortunately, Google Chrome is secure and said "This item is not downloaded often. Discard?" and I discarded it. I'll screenshot next time.

 

[Dark Lord of Tech]

One mod now says he came across it , I notified the COMMUNITY MANAGER.

Thanks.

 

[Darkbreeze]

Just happened to me as well, as soon as I visited this page.

 

[Dark Lord of Tech]

Weird , wonder why I haven't been on for hours.

 

[turkey3_scratch]

I'm going to inspect the source code and see if I can find anything.

 

[Dark Lord of Tech]

Nothing here but my computer is like a vault.😀

 

[turkey3_scratch]

I inspected all the Javascript code (which consisted of like 30 Javascript files, geez Toms) and found no instance of the "confirm" function. I'll have to search again if it appears again.

 

[Dark Lord of Tech]

I'm clear so far very strange.

 

[itmoba]

Use httrack to clone the website and archive it. Post me/us a link. I'm sure I'll be able to spot the problem fairly quickly.

[edit -- update]
Also, like SR-71, I haven't seen the problem myself on Safari or Chrome.

 

[dantheman0809]

Yeah I got this as well. Seems to have gone away