Jump to content

Can anyone check if these websites have been compromised with adware/hijacker


Recommended Posts

Posted (edited)

Some websites like TomsHardware, PCGamer, GamesRadar may have been comprised with malware. This issue was shown on devices that didn't have any adblocker to block the script like a fresh Windows Install (personally checked on a Virtual machine), Android etc.

It looks like this happened from the websites that are using a common theme which may have been hijacked. I have uploaded the screenshots. The domain from which it was downloaded maybe an infected one.

The file downloaded is a 0 byte file named "download" that has icon of Windows Drive folder. On android it says that download failed and the file is  the same 0 byte.
The domain from where the file is downloaded is supposedly a adware/ browser jacking malware pusher.

"https://imgur.com/a/7iSX6Kk"


The websites in question are:

Tomshardware: www.tomshardware.com
Tomsguide: www.tomsguide.com
PCGamer: www.pcgamer.com
Gamesradar: www.gamesradar.com

Screenshot (1).png

Screenshot (2).png

Edited by Berny
URL disabled
Posted
12 minutes ago, Berny said:

@rounakr94

Please submit the potential suspicious  url's and objects here : https://opentip.kaspersky.com/

Submitted two of the websites.

Since there are many independent security experts here it would be better if they can confirm or deny my suspicions. I can then forward the same to the website owners.

Posted

@rounakr94 Only Kaspersky Virus Lab can confirm or deny a false positive or suspicious objects.

  • Like 1

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...