Active discussions

Meet the Other Phone. A phone that grows with your child.

Meet the Other Phone.
A phone that grows with your child.

Buy now

Please or to access all these features

Talk

Back to thread
MNHQ

Web page warnings

12 replies

YetMoreTech · 22/12/2010 09:13

We are aware that some people are receiving warnings when trying to open certain pages on Mumsnet. This is related to a problem with one of the ads that we serve on some of our pages. Whilst we investigate further we've stopped serving any ads. As such, all pages on the site are safe to visit. Once the problem is resolved the ads will return in all their glory and we will request to be removed from the blacklist which drives these warnings.

Apologies for any inconvenience or scaring anyone!

Go to post
MNHQ

YetMoreTech · 22/12/2010 09:47

You will still get the warnings, until we ask to be removed from the blacklist. But we can't do that until we've switched the ads back on. And we can't do that until the problem has been eradicated. So whilst there is no longer any danger, you'll still get the warnings.

You'll get warnings even if you have an ad blocker turned on, because your browser is checking a blacklist (i.e. it's not detecting a problem itself).

Most browsers allow you to ignore the warning - if you do that you'll be able to view the page you want.

MNHQ

YetMoreTech · 22/12/2010 10:24

You can ignore the warnings, if your browser will allow it.

The issue has been resolved now and the ads are back.

We've asked Google (the original source of the blacklist) to recheck the site and once they've done so the warnings will go away.

Apologies for any inconvenience.

MNHQ

YetMoreTech · 22/12/2010 11:03

The root cause of the problem has gone, but you will continue to get the warnings until the blacklist is updated by Google. We've requested they do this but it can take a while.

Just to be clear, the warning does NOT mean you've got a virus.

MNHQ

YetMoreTech · 22/12/2010 12:31

pinkteddy, yep, you'll continue to get warnings for a while.

The warnings are not shown because there is a problem with the page, they're shown because the site is on a blacklist. It was put on the blacklist because of a legitimate problem with ads (nothing to do with a particular thread, particular user or anyone reporting anything) but that problem has been resolved. Trouble is, it takes a while to get the list updated.

Apologies for any inconvenience.

MNHQ

AdamTech · 22/12/2010 17:09

@QuintMissesChristmasesPast

I think the safest thing to do might be to NOT use mumsnet at all until this is fixed.

They should be updating us, and answering questions.

QuintMissesChristmasesPast, the site is currently safe to use but, as mentioned at the start of the thread, its blacklisting status will take some time to automatically update, as it isn't something under our control!

MNHQ

YetMoreTech · 22/12/2010 17:20

We're sorry for the inconvenience this has caused. Just to clarify a few things and reiterate some points:

The cause of the problem is solved, but because Google (who maintain the list of sites with potential problems) take some time to process things you may continue to get warnings for a while longer.

Depending on your browser you can choose to ignore the warnings. Some other browsers allow you to turn off the warnings altogether, though if you do that you do run risks when you visit other sites.

We don't permit advertisers to install any kind of malware at all - no spyware, no viruses, no trojan horses, nothing.

The problem this morning was caused by problems with our ad server. Based on the evidence we've seen no bad stuff will have been installed on your computer, but if you clicked on an ad you may have been taken somewhere other than where you were expecting. For example, if you viewed a page on Mumsnet (anywhere on the site), clicked on a Mumsnet book ad and got taken to Hotmail or Facebook and then entered your Hotmail or Facebook account details you should probably log back in to that service and change your password. This applies equally to Windows and Mac users.

We'd always recommend that you use an up to date anti-virus/malware program on your computer. If you need help choosing or setting one up, post in our Geek Stuff topic.

Requests to update other software like Adobe Flash, Windows Media Player and so on are unrelated to this issue. Computers freezing (unless they're in the garden) is highly unlikely to be related to this too. When you've got lots of users there is bound to be a few who have other problems at the same time as this happens but it's most likely coincidence, particularly if you're still having problems now.

If you have any other worries or problems please do post in reply, or send us an email if you feel you need to keep things more confidential.

MNHQ

YetMoreTech · 23/12/2010 00:03

"Given the huge & justified importance given by Mumsnetters to not "minimising" others' concerns, I feel MNHQ could have done more about this than tell us - effectively - it's all over now & not to worry our pretty little heads."

Hi Grace, and others who have voiced concerns.

I'm sorry you don't feel this has been well handled. We've tried quite hard to walk the fine line between providing information and not causing widespread panic. In between trying to resolve the problems, I've been posting about it throughout the day, trying to provide useful updates and I've encouraged people to ask questions and seek help if they need it. I do hope nothing I said came across as patronising, but if it did I certainly apologise. Obviously we have quite a range of technical ability amongst our users and it's hard to get it right for everybody every time.

When I posted saying that it was all over, it was. The threat had been removed. However because people were still getting the warnings we had to labour the point somewhat that "it's all over". It's true that that didn't necessarily mean it was over for someone who had been adversely impacted by it.

I did post earlier about the ad server. It was our own ad server that was compromised. The software that runs the main Mumsnet site is all custom built, which generally makes it no less vulnerable to attack, but of course it does mean that exploits used against other sites aren't generally applicable against ours. However, we operate a very commonly used ad server and someone was able to exploit a problem with it and consequently altered the legitimate code served up as each ad, appending malicious code to each one. I also explained the ramifications of the attack - every example of it that we looked at was not a drive-by download attack, rather a phising attack, targeting hotmail and facebook, whereby if you clicked an ad you were shown a login page which an unwary user might fill in. I can't say for sure that that's the only possibility, but it's the only one we've actually seen.

Since then there have been people who have had problems which do seem like too much of a coincidence, so perhaps they were caused by this attack on Mumsnet. We can't say for sure. I wish I could be more definitive for you.

Updates being triggered may well be entirely coincidental. After all, when you think how many users Mumsnet has it is likely that some of them are going to be on an update cycle that would have been triggered today regardless. If there is a 1:365 chance of an update on any given day and you have tens of thousands of people then some are going to happen today. The same could be said of them being infected with malware, though I reiterate, I am not saying that it wasn't related to the problems we suffered. Certainly people who went to no other sites and were impacted would reasonably suspect the problem was passed on to them through Mumsnet.

With regard to trust, I think many (most?) users do "trust Mumsnet" in the sense that they trust Mumsnet will keep their information private, that Mumsnet won't sell their details to other people, that Mumsnet won't knowingly use malware, or allow its advertisers or other partners to do so, and so on. That trust is well placed. Unfortunately, Mumsnet has been a victim of a malicious attack on this occasion and that has inadvertently been passed on to our users; that doesn't, or shouldn't, mean that people can't trust Mumsnet. But we are part of great unwashed world wide web though, so we suffer attacks, software and hardware errors, human errors and so on just like everyone else.

Please do remember that though our ads do contain code which executes further code stored and served by third parties. We hope and endeavour to ensure that that code is safe, but it might not be, hence the recommendation to always use up to date malware protection. We only knowingly operate with reliable third parties and if any problems are brought to our attention we address them as quickly as we can.

Please do continue to ask questions until you feel satisfied with our responses; whilst nobody is happy that Mumsnet was attacked in this way we want to do our best to help with the consequences of it. Either post on this thread or email us directly.

For the wider audience, once again I do apologise for any inconvenience that has been caused. We reiterate our advice to use up-to-date anti malware protection on your computer and to post in Geek Stuff if that advice makes no sense!

MNHQ

YetMoreTech · 23/12/2010 00:40

Thanks DEMDS - it sounds like the code was a legitimate ad, which had been blocked by something so instead of executing the code it displayed it, but then it did finally execute (or something!).

MNHQ

YetMoreTech · 23/12/2010 12:59

Grace:

You're welcome.

LimeJelly, Hassledge, Tribpot and Angelbabe:

Out of interest, what Operating System do your computers use? It's disappointing that "in this day and age" just the existence of something on a web page should be able to infect your computer. I am not saying that to try and play down our responsibility - we really are very sorry for what happened. We take this kind of thing very seriously, but there are lots of websites out there that either can't or don't - this must make browsing the web a treacherous experience for people with systems like yours.

Wannabe, we (obviously by now) definitely had problems yesterday, but nobody else has reported problems over the last two weeks. There have been some multimedia ads which result in your computer having to download quite large amounts of data, so that might have caused your browsing experience to slow down, but it shouldn't impact your PC more broadly.

Finally, whilst blocking ads/scripts is something we can't stop you doing, remember that without ads there would be no Mumsnet. We'd much rather address the issues with particular ads than have people block them completely.

MNHQ

YetMoreTech · 23/12/2010 16:26

teddies:

Theoretically yes, if you are using something that blocks the ad scripts from being downloaded then they could never run (because they weren't downloaded). I can't say with 100% certainty though.

Rocianante:

That's interesting. I would have thought Windows 7, Firefox and McAfee would have provided you with adequate protection from a non user-instigated download (drive-by download). I am assuming that you didn't click any ads and agree to download/install anything, given that you've written about the problem in a way that suggests you're an experienced Windows/web user. This is a dreadful state of affairs. Having to be fearful of just visiting a web page is awful! Have you been able to remove the malware now?

Apparently at present in the UK 2.5% of PCs with anti-virus protection have malware and 17% of those without anti-virus protection have it.

MNHQ

YetMoreTech · 27/12/2010 12:16

HettyAmaretti, whilst it would be wrong to say that OS X never gets viruses, it is very much more resilient. Put it this way - when we were having the problems with malware, the first thing I did was visit the problematic pages (using OS X) so that I could see what was going on. MNHQ uses Macs and has done for years. Not one of them has any anti virus protection and not one of them has ever had a virus AFAIK. In over 10 years of using Macs I've never seen one download and execute something that wasn't requested. Again, not saying they're immune, but generally they suffer fewer problems in this regard.

Pekkala and Eurostar - sorry, it's impossible to say for sure either way whether your problems are related to Mumsnet.

MNHQ

YetMoreTech · 27/12/2010 23:43

Pekkala,

Chances are that most messages that pop up saying you must do this or that are fake, particular if they say you must install a piece of software and even more so if they say you have to pay for it! You can often tell because they're either something you're not knowingly using (e.g. antivirus software you've not installed) or they look subtly different from what they would usually look like. It's not always that easy though.

Let's hope your problem is solved.

That site linked to earlier has this pretty comprehensive guide to getting rid of common malware:

www.bleepingcomputer.com/virus-removal/

Watch this thread for updates

Tap "Watch" to get all the latest updates

End of posts

There are no more MNHQ posts on this thread

Back to thread