Report of Unexpected Redirects on lxer.com
|
| Author | Content |
|---|---|
| linuxer Jul 23, 2023 6:18 AM EDT |
Dear Team, I hope this message finds you well. As a long-time user of lxer.com, I have recently observed some unusual activity on your website over the past few months, which I'd like to bring to your attention. Random Redirects: Occasionally, when visiting lxer.com, I am unexpectedly redirected to an unfamiliar URL, which then prompts me to allow notifications. At first, I considered it as a result of an inadvertent click on my end. However, the issue has been persisting, and the URL I'm redirected to always varies. Here's an example for your reference: https://ibb.co/Kyhj8F2 It seems that there is a certain mechanism triggering these random redirects. My usual route to your website involves a search on DuckDuckGo for lxer and then clicking on the link from the search results. I would like to highlight that I've encountered this issue across multiple devices, including phones and a fresh installation of Debian Desktop. I've taken this step to rule out the possibility of the issue stemming from local malware on my end. Furthermore, I've also tested this across various external IP addresses, but the problem persists. I trust that you will look into this matter and I look forward to your response. Best regards, linuxer |
| bob Jul 23, 2023 11:28 AM EDT |
Thanks for your detailed report. We will investigate and post here the resolution. |
| linuxer Jul 24, 2023 6:20 AM EDT |
Hi Bob, thank you for looking into this, much appreciated. I have also recorded a video this morning of the whole process let me know if you need it. Furthermore, try to clean your cache in order to reproduce this issue. I have my browser set by default to clean all cache after exit so perhaps the redirect only happens when the cache is clear. Furthermore: This might be a stretch and unrelated but I just discovered that this issue could be already reported previously: http://lxer.com/module/forums/t/35763/ Please let me know if I can be of any further assistance. linuxer |
| bob Jul 24, 2023 6:02 PM EDT |
Hi linuxer, An sql injection exploit, from IP addresses in Jakarta, put a link to remote javascript in three places on LXer. The (obfuscated) remote javascript code served to provide unexpected redirects to advertising sites. I was never able to duplicate this issue in a browser here, so I would ask you to retest and verify that the redirect issue is now resolved. Thanks for your help, Bob |
| linuxer Jul 25, 2023 3:38 AM EDT |
Hi Bob, I've conducted a few tests and so far, the results are good. However, it's too early to draw any conclusions. If the issue persists, I'll likely encounter it during my regular lxer visits. Should I come across this malware again, I will report back. Thank you for looking into this. Best, linuxer |
| dba477 Aug 04, 2023 2:29 AM EDT |
Attempt to open entry in news-wire - "Linux Mint Charts Course for LMDE 6 & Wayland" opens the article "Fedora Asahi Remix to Empower Apple Silicon Users!" with URL https://debugpointnews.com/fedora-asahi-remix/ . Thus the issue still persists. |
| bob Aug 04, 2023 1:34 PM EDT |
I see that the poster of that story put in the wrong link. It appears that it should have been https://debugpointnews.com/lmde-6-wayland/ I've made this correction to the posting. |
| dba477 Aug 05, 2023 1:53 AM EDT |
Thank you for posting a correct reference link . |
| linuxer Aug 29, 2023 4:31 AM EDT |
Hi Bob, So far, so good. I have not encountered the issue again since the fix. Best, linuxer |
Posting in this forum is limited to members of the group: [Editors, MEMBERS, SITEADMINS.]
Becoming a member of LXer is easy and free. Join Us!