"Search Engine Redirect problem - not PC virus" Topic
All members in good standing are free to post here. Opinions expressed here are solely those of the posters, and have not been cleared with nor are they endorsed by The Miniatures Page.
For more information, see the TMP FAQ.
Back to the Spam, Hack & Phish Plus Board
Back to the Webmasters Plus Board
Back to the Computer Stuff Plus Board
|Roderick Robertson ||17 Jan 2010 10:33 a.m. PST|
I've got a strange redirect problem going on.
I'm the webmaster for Dundracon.com. If you simply type in the url into a browser's search screen, it comes up no problem. I've checked my page files – they haven't been hacked (if they were, I'd have simply replaced them, as it's basically a static site, and I have a full backup on my home PC).
If you search for "dundracon" on google, yahoo, bing, etc., and click on the hit that claims to take you to dundracon.com (usually the first result), you get sent to a fake anti-virus site (usually getting a popup saying: "Warning, your personal PC needs to install anti-virus software" Personal Security can perform fast and free scan of your computer.", that won't close, and will start to load malware if you click "okay".
This is *not* a problem on my personal PC – I've had reports from users saying they're getting it, and even sat with my ISP's help desk while they got it. This is *not* a hack on my website. It's a hack into something that all search engines go to for information.
|napthyme ||17 Jan 2010 11:07 a.m. PST|
Sounds like a call to Googles customer service is in order
| Waco Joe ||17 Jan 2010 11:30 a.m. PST|
Here is the message I get in Firefox:
Reported Attack Site!
This web site at kedzierski.be has been reported as an attack site and has been blocked based on your security preferences.
Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system.
Some attack sites intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.
| StarfuryXL5 ||17 Jan 2010 12:12 p.m. PST|
In the past I've heard about DNS cache poisoning occurring, in which an attacker can compromise a DNS server. It replaces the proper IP address with the attacker's for a given URL, so a request for a Web site will be directed to a site of the attacker's choice. I don't know if there is anything you can do about it, short of waiting for the cache to be updated, but you could ask your ISP about it.
|fred12df||17 Jan 2010 12:43 p.m. PST|
Have a look at the last couple of posts – which indicate that there may have been a hack to your site – either the index.hml page or the .htaccess file
I don't think this is a DNS cache issue – as this would cause a redirect in all cases.
I also don't think it is a Google issue – the attack is written to redirect requests from search engines. It doesn't affect the search engine results directly.
|Roderick Robertson ||17 Jan 2010 5:21 p.m. PST|
my .htaccess got hacked.
Thanks fred12df, that forum answered the question.