Reply With QuoteStill happening to me as well. 12.02
Stuart
Still getting them despite using an ad blocker in Firefox
Still happening to me as well. 12.02
Stuart
Ongoing every time I click a link aaaggghhhh
It was for me as well BUT I'd disabled adblocker for the tz site (so the fundraiser/clock would work). Once adblocker enabled for tz and the browser restarted then the adblocker worked fine.Originally Posted by Rod
Still getting them despite using an ad blocker in Firefox
Using Chrome on MacBook Air. Cleared cache. No ADB. Not even logged in. Still getting scam popup tabs on click.
Seems to be ok on my iPad now, but still affecting iMac.
Edit. iPad still affected. :-(
Last edited by magirus; 3rd March 2017 at 13:37.
F.T.F.A.
You haven't, just close the pop up.
They're just pop ups, I wouldn't start clicking on anything though.My question is - is this just an annoying pop up thing or are personal details, log in and contents of PM's etc at risk?
Still on my mac and chrome browser even after clearing out the cache / cookies etc.
Same on my iPad on safari but the ad blocker (Crystal) is doing its job.
Thanks!
Good job the breast size selector website didn't draw me in
ublock Origin on Firefox prevents the problem.
Swapped to the mobile version, no pop-ups!
Switched back to the full site, and they're still gone. Whoopy doo!
Last edited by apm101; 3rd March 2017 at 14:08.
On Chrome, I went to Settings - Show Advanced Settings - Clear browsing data - Obliterate cached images and files.
Seemingly, I'm now fine
All good now
They're back. >:-(
Can you do a full refresh (CTRL+F5) and confirm that? I've ABP turned off now... and not a popup. The script code is also gone from the background....
EDIT: Refreshed, ABP off.. tried 5 pages and reply button.. nothing. Also, the page code is clean - with no script injections as before.
Last edited by JohnnyE; 3rd March 2017 at 14:30.
Curious, I was getting them yesterday but activated my AdBlock add-on in Firefox and they stopped. I'm using an old MAC.
I can't get rid of them on my android mobile despite installing adblockplus.
scooter
Did this (again) in Chrome and not getting any popups now. Seems fixed.
Looks like a one-off, seems OK since posting that.
Try this:
Settings -
Applications -
Application Manager -
Chrome (or whichever browser you use) -
Storage -
Clear Cache
I just did that on my Samsung, and I'm now free there too, it seems
Yes indeed. The site IS infection free right now. Persistent problems will be down to local caching on people's devices.
does seem ok now..
Logged out of TZ, cleared Safari caches/history, etc, (MacBook Air), turned off ABP, closed and reopened Safari, logged back in, and hooray!
Looks like scam popups are gone (although I'm already missing the breast size one a little).
Seems to be ok for me now on safari. Had to send the kids out of the room every time i opened TZ.
Ive now cleared the cache and turned off Adblock
Things seem fine now and its nice to have the clock and TF/Virgin banners back
Works fine here! (Safari, Macbook). Looks as if it's faster than ever. Great work Eddie thank you very much!
Menno
Another okay here now on Firefox.
Looks like it's fixed.
Working at last,phew.
You beauty.
scooter
Nicest thing anyone has said about me in months
Change password even if people haven't entered it to log in since this started (personal;ly I never log out and so it keeps my session open pretty much constantly) ? You think the password database could have been compromised and decrypted ?
Whether people have entered it again or not, its stored in the forum's SQL Database tables. If malicious code was capable of injecting script code into the main forum page, then it is capable of executing other things in the background.
It would be prudent to change your password for sure, and if its one you use elsewhere.. do the same in those places too.
Highly recommend the likes of lastpass.com to assist with all this (although there are many other options out there).
Looks like it's gone. All hail Krystal lads!
Good question re passwords sec, if they are encrypted then no need to change them I suppose..
Fas est ab hoste doceri
As long as they weren't re-entered during the 'attack'.
Not necessarily, the database should use separate authentication from the file system if best practise has been followed. But I don't know enough about the setup to know for sure. It certainly is a concern if you're exchanging Bank Details via PM for the purposes of watch sales.
I hope that the 'Pits and Pelts' thread hasn't been corrupted
How could you tell? The whole thread is a corruption of decency.
I prefer to think of it as specialist interest sub forum for discerning gentlemen
That was annoying. Ended up reading a book.
Thankfully that's over. Not been able to access TZ at work due to NSFW content!
Looks like JohnnyE knows what he is talking about - he's been giving good advice all through this thread.
Well I think it's good advice, IT is like witchcraft to me!!
Just to calm nerves.. I'm sure Eddie will be along if he needs to be.. but the whole site was copied down today to a local PC and manually virus scanned. It came up clean after the malicious code had been manually removed.
These types of hacks aren't personal. Every "onclick" popup was raising a bit of money per click.. for the guys who did it. They dont know us.. nor care - it was probably an automated attack anyway. Chances are - they have so many infected sites out there earning them click money that they are laughing all the way to the bank and couldn't care what our logins are!
BUT.. given that nobody REALLY knows how the script got there in the 1st place.. and hosts never answer that question.. its prudent to change your password. Yes, they're encrypted... but there's ways around that - ways that are easily found on Google for older versions of the forum software.
No cause for alarm at all. Just be careful to slowly wean yourself off the websites you are now missing... and stay away from the P&P thread in the Boys' Room!
Last edited by JohnnyE; 3rd March 2017 at 20:24.
It's thankfully still intact, which is more than can be said for the nether regions of the majority of ladies these days.
Taking sharp steel to a ladies private areas is much more indecent.
Indeed Sir, those who aren't interested should look elsewhere.
Just got a PM from TaketheCannoli... he can't post a reply here nor start a new thread:
Best to hang on resetting anything for now.In light of the recent pop-ups issue and taking your advice I've just changed my password and the email address my notifications go to and the result is that I can no longer reply to or start threads and I've lost access to sales corner! Also my inbox limit has been set to 50 so I've had to clear it to send this to you - what's going on?
It's as though my privileges have been set to those of a new member. I can see my profile and my joining date still shows 2011 and my post count is still above 8000.
Surely the password is encrypted so useless to anyone else?
Yes, on the face of it, but there are tutorials out there showing how to unencrypt the older VBulletin password tables.
Thanks. Disappointing if they can be cracked.
It would take a determined hack - one that would need to be targeted/personal... so I really don't think its a worry here.
EDIT: The solution of sorts is unique passwords wherever you go. I installed Lastpass a good while back and was audited with an initial secure rating of 17%!! I had what I thought was a great password - but I was re-using it everywhere. It took a few weeks of work, but via Lastpass and its password generator, I'm now at 99% on the same security audit!
Last edited by JohnnyE; 3rd March 2017 at 21:51.
I've found Lastpass to be irritatingly unreliable. It often disappears from my toolbar and I have to start it again. I use it but I don't trust it. I keep every password/email login in an Excel file stored off-computer. If the browser or Lastpass let me down, which they do, I copy and paste from the Excel file.
Fair point! I've just been buying car insurance there... whilst lastpass wouldn't let me type in the login name to the entry. It can be glitchy indeed.
Posting Permissions
