Did you access Askaboutmoney on Xmas Day?

Askaboutmoney was hacked on Xmas Day sometime after about 11 am. We shut down the site at around 11 pm. (There were 2 posts during the time the site was affected)

We took the site down until we had removed the malware. Google last found malware on Xmas Day so if you have accessed it since then, there is definitely no problem.

If you tried to access the site on Xmas Day using Google, Google Chrome or Firefox, you would have received a very clear message that the site should not be trusted. You should always respect these warnings.

If you accessed Askaboutmoney using Internet Explorer, you would not have got the message.


I am still not sure how the malware worked. I think it redirected you to a site which hosted malware.

Your anti-virus software should have kicked in at that stage.

I feel confident that no one was impacted, but if you did access Askaboutmoney on Xmas Day, if you were redirected to another site, and if your anti-virus software was not up to date, be vigilant. Run your anti-virus software to see if there is any malware on your computer.

I apologise if anyone has been affected by this.
 
I was wondering why I was getting a "Malware Ahead" warning.

I am on holidays in Bulgaria at the moment and thought it was something ip related.

Glad to hear all is now well again.
 
Hi Brendan,

Well done on getting most of these issues sorted over the Christmas period.

Users with Internet Explorer were not given a warning before they visited the website. However, uses with Internet Explorer, would have been given a warning before they downloaded executable software that they might have been redirected to. Hence, hopefully, nobody, even IE users, were affected.

It seems strange that Google unblocked askaboutmoney.com but not askaboutmoney.ie at the same time. I assume the request was sent at the same time? Did the hosting provider definitely mention askaboutmoney.ie when making the request to Google?

Separately, I see emails from the askaboutmoney.com domain are no longer been marked as spam by Gmail as well.
 
Did the hosting provider definitely mention askaboutmoney.ie when making the request to Google?

Hi Ciarán

Probably not.

I focussed purely on askaboutmoney.com and had to make sure it was clean before worrying about askaboutmoney.ie. It's only a minor issue as I presume most people access it via askaboutmoney.com

Brendan
 
All good - access is fine. Was a bit worrying when the almost frightening Malware screen came up from Google Chrome! I shut down the laptop, did a complete scan using Malwarebytes, tried the next day and still the same! Seems ok now. Well done, Brendan, for hosing those boodies!
 
Well reading back over Google's reports I can not see a single reported instance of Askaboutmoney delivering up a virus of any type. It seems it was put on their list because it was hosted on servers where other sites had recently served up malware.
 
Well reading back over Google's reports I can not see a single reported instance of Askaboutmoney delivering up a virus of any type. It seems it was put on their list because it was hosted on servers where other sites had recently served up malware.

Interesting.

On one hand, that makes sense. I visited askaboutmoney.com on Christmas day and I did not get any malware software download prompt.

On the other hand, what Google says then does not make a lot of sense when it specifically references "this site" on their askaboutmoney.com diagnostic page.

http://www.google.com/safebrowsing/diagnostic?site=askaboutmoney.com

What happened when Google visited this site?
Of the 839 pages we tested on the site over the past 90 days, 692 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-12-28, and the last time suspicious content was found on this site was on 2013-12-25.

If what you are saying is correct Jim, then Google should really have a disclaimer on their page that says that their diagnosis refers to the hosting server and not specifically to this site.
 
I can't remember if I visited AAM on Christmas Day, but I did on St Stephen's Day and saw the google chrome warning. I assumed it was a hacker type problem and tried a few times to access the site. Out of curiosity I chose to proceed to the AAM.com site and got on, saw Brendan's warning post and exited.
 
I got warnings about the when using both Safari and FireFox on Christmas Eve night or very early on Christmas day. Once I saw Brendan's message later I left the site alone for a couple of days. Well done for sorting the confusion out and calming the alarm bells.
 
What difference does it make if it's .ie or .com?

The real site is .com

If you type in .ie, you will be diverted to the .com automatically.

So I suppose it makes no difference. It took us a bit of extra admin to get the warning removed from .ie

Brendan
 
I got warnings about the when using both Safari and FireFox on Christmas Eve night or very early on Christmas day.

I checked Askaboutmoney at around 10.30 on Xmas Day and got no alert.

I checked again at around 1 pm and got the alert.

Did you get it before 10.30 on Xmas Day?
 
... Did you get it before 10.30 on Xmas Day?
The warning I got was from the WOT (Web Of Trust) extension installed in the browsers, so the warning was triggered local to me. It flags "untrustworthy" sites listed on a data-base somewhere and warns you before you access the site. WOT was the first indication I had of a problem on AAM and I chose the "Get me outta here" button.

I can't be precise on the time as I had visitors until late on Christmas Eve and left the house around 10:30 hrs Christmas Day and wasn't back until the early hours (?) on St. Stephen's Day by which time your warning was in place IIRC.

My browser history for the period is gone as I purge history, caches, temp files etc before my weekly full back up (all automated unless I have reason to stop it). My "changes-only" back-ups haven't been set to capture browser history.

I'm sorry it's all so vague and unhelpful, but it was that time of year.
 
Back
Top