Report of Unexpected Redirects on lxer.com

Forum: LXer Meta ForumTotal Replies: 8
Author Content
linuxer

Jul 23, 2023
6:18 AM EDT
Dear Team,

I hope this message finds you well.

As a long-time user of lxer.com, I have recently observed some unusual activity on your website over the past few months, which I'd like to bring to your attention.

Random Redirects: Occasionally, when visiting lxer.com, I am unexpectedly redirected to an unfamiliar URL, which then prompts me to allow notifications. At first, I considered it as a result of an inadvertent click on my end. However, the issue has been persisting, and the URL I'm redirected to always varies. Here's an example for your reference: https://ibb.co/Kyhj8F2

It seems that there is a certain mechanism triggering these random redirects. My usual route to your website involves a search on DuckDuckGo for lxer and then clicking on the link from the search results.

I would like to highlight that I've encountered this issue across multiple devices, including phones and a fresh installation of Debian Desktop. I've taken this step to rule out the possibility of the issue stemming from local malware on my end. Furthermore, I've also tested this across various external IP addresses, but the problem persists.

I trust that you will look into this matter and I look forward to your response.

Best regards,

linuxer
bob

Jul 23, 2023
11:28 AM EDT
Thanks for your detailed report. We will investigate and post here the resolution.
linuxer

Jul 24, 2023
6:20 AM EDT
Hi Bob,

thank you for looking into this, much appreciated.

I have also recorded a video this morning of the whole process let me know if you need it. Furthermore, try to clean your cache in order to reproduce this issue. I have my browser set by default to clean all cache after exit so perhaps the redirect only happens when the cache is clear.

Furthermore: This might be a stretch and unrelated but I just discovered that this issue could be already reported previously: http://lxer.com/module/forums/t/35763/

Please let me know if I can be of any further assistance.

linuxer

bob

Jul 24, 2023
6:02 PM EDT
Hi linuxer,

An sql injection exploit, from IP addresses in Jakarta, put a link to remote javascript in three places on LXer. The (obfuscated) remote javascript code served to provide unexpected redirects to advertising sites.

I was never able to duplicate this issue in a browser here, so I would ask you to retest and verify that the redirect issue is now resolved.

Thanks for your help, Bob
linuxer

Jul 25, 2023
3:38 AM EDT
Hi Bob,

I've conducted a few tests and so far, the results are good. However, it's too early to draw any conclusions. If the issue persists, I'll likely encounter it during my regular lxer visits. Should I come across this malware again, I will report back.

Thank you for looking into this.

Best, linuxer
dba477

Aug 04, 2023
2:29 AM EDT
Attempt to open entry in news-wire - "Linux Mint Charts Course for LMDE 6 & Wayland" opens the article "Fedora Asahi Remix to Empower Apple Silicon Users!" with URL https://debugpointnews.com/fedora-asahi-remix/ . Thus the issue still persists.
bob

Aug 04, 2023
1:34 PM EDT
I see that the poster of that story put in the wrong link. It appears that it should have been

https://debugpointnews.com/lmde-6-wayland/

I've made this correction to the posting.
dba477

Aug 05, 2023
1:53 AM EDT
Thank you for posting a correct reference link .
linuxer

Aug 29, 2023
4:31 AM EDT
Hi Bob,

So far, so good. I have not encountered the issue again since the fix.

Best, linuxer

Posting in this forum is limited to members of the group: [Editors, MEMBERS, SITEADMINS.]

Becoming a member of LXer is easy and free. Join Us!