The end of malware complaints on ATS?

It's been more than 30 days since our last known complaint of malware issues while browsing ATS. (Regarding that complaint, we've stopped using the CPX ad network)

As many members may know, this has been a nagging issue that's often been difficult (if not impossible) to track down. However, we've long suspected two sources of the problems:

Banner advertising networks

External image hosting

In fact, we've been able to document several cases of attempted malicious code injection from compromised image hosting sites, as well as advertising with problems.


Advertising: In the scheme of things, we're still somewhat of a small player, so it's been hard for us to get into the "cream of the crop" of online advertising. Additionally, we have lots of page views (13+ million a month) and visitors. So in an effort to improve our bottom line (we have growth plans you know), we tried out a third-part ad optimization service for several months, beginning in late 2008. We've not used them since mid-March.

Part of the optimization service was filling "unfilled" ad inventory with ads from lower-tier providers (in cases where our higher-level providers of ValueClick, Casale, TribalFusion, etc. don't have an ad for a particular users). Well... as it turned out, some of those "lower tier" providers were in the habit of delivering problematic ads.

We've moved to a different system of optimization where we have direct control and oversight, and essentially fired the previous firm. Since that time (and killing the CPX ads), things seemed to have dramatically improved.


Image Hosting: The other problem was image hosting, and several times we discussed limiting avatars and images to the ATS domain(s)... in fact, this was an often-enough seen suggestion by members as well. Since we had plans to integrate a video-sharing portal, we accelerated those plans and also focused on a broad-spectrum all-file-types media portal service.

To go along with that, we also engaged in two services that constantly scan our servers for potential problems. One service scans all images and HTTP headers for signs of malware injection code, and another service scans our pages for possible ways to inject malware. Additionally, all images and videos are delivered over a high-performance content caching network, that also performs periodic scans.

Once this "safe environment" was in place, we switched over to requiring all image hosting through our media domain.


It appears as though these two strategies has very-nearly wiped out the once-numerous reports of malware encounters while on ATS. We had plans to create a type of "help desk" system (mentioned here), but it seems like it's not needed any more.


But still... if you find problems, let us know. The fastest way is to use our Complain/Suggestion Forum or U2U me directly.

reply to post by SkepticOverlord


I have yet to have had difficulty with malware, but I'm glad to see the issue got taken care of so that ATS can go back to the way it was, without trouble and interruption.

Keep up the good work and keep ATS rolling.

mm sometimes i get error scripts but ya i did get some stuff on my pc but i didnt have a clue were it was from!!

ATS is a great community and we know you need to make dosh to keep it all going so # happens!


but its nice to see you do your best to keep us all safe

reply to post by SkepticOverlord


Good deal, Bill. I can't express how much I appreciate you and ATS staff watching out for us all the time. I don't have the computer/internet savvy you all do, and depend upon your expertise.

I have used the ATS hosting for my avatar with no problems. Yesterday I tried to upload a series of photos of my own of an Inferior Mirage Green Flash (why was that necessary to capitalize.... I don't know) AAAAAanyway, I kept getting an error message of "incorrect file type", or something really close to that. I just sent this same photo series to National Geographic, as well as Spaceweather.

So, I'm wondering if the image hosting is trying to truncate the file size -- we're talking seven photos of 2.5 MB or so, as they were regular .jpeg files.

Keep up the good work, is all I can tell you...... I appreciate you and your family of mods and all those unknown cyber-heroes behind the scenes there that keep this great website running. Iriemon, you da best.

I've been wondering where the ads have gone. Is this why the ad space to the top and right of a thread are now gray for me? If not, then that's happening when I view a thread. Noticed it a couple of days ago and wondered why. I have nothing on my end that would disable ads (that I know of).

I have no idea what you just said but I get the gist of it. We're good, right? For those of us who are technically challenged, we thank you for your efforts.

Well I haven't had any problems I know of, but thanks for trying to make ATS a better, safer place!

Originally posted by argentus
they were regular .jpeg files.

If that's the extension, then that was the problem. The extension will need to be .jpg to use online.

I never had a virus problem from ATS, but I know some folks did.
It's good to know that that the problem other folks were having seems to be fixed, and I'm grateful to the staff for taking care of the issue.

Originally posted by tamusan
I've been wondering where the ads have gone. Is this why the ad space to the top and right of a thread are now gray for me?

One reason, yes. When our primary ad providers run out of ads for you, then you'll see the gray box.

We're also experimenting with a super-secret thing some members may have noticed today... but too soon to comment on that just yet.

Thank you! Your hard work and efforts are most appreciated. It's a great site and it's good to know you're looking out for us.

reply to post by SkepticOverlord


And when will this "super secret thing" be made public?

Originally posted by jkrog08
And when will this "super secret thing" be made public?

When it's no longer "super secret."

No problems here, SO. I use Firefox with a few add ons...
I guesss it's the people with "IE" (Internet Explorer) that might experience problems. The only thing that helps then is to get an update OR use firefox, etc. Nope, ATS is fine for me.

Kind Regards,

SDB


P.S. Additional to the "IE" I would use "Spyware Blaster"..., furthermore "Superantispyware", "Crapcleaner" (CCleaner) and possibly a good firewall like "Outpost" IF I were concerned.


Love ATS!

reply to post by SkepticOverlord


i want to let you know that i am impressed with your admission to this issue, and how aggressively you have resolved it.

There was a time in the past when i made a malware complaint and was berated by fellow members and kind of snickered at by staff. It led to me seriously throttling how much i visited the site.

However, you are correct. The issue is vastly improved. Thank you, kind sir. I really like this forum and am very happy to be able to enjoy it.

Bill,
Not that it is any relevance to the matter but,
Awhile back... maybe several months or so ago I had noticed some minor issues with the site when I was trying to access it from my old defucnt laptop. For me mainly just a slowing to load pages was all I had experienced, but sometimes it came to a standstill.

As of the last few days while I have been on the old machine I have noticed some dramatic improvement in speed though I'm not sure I will chock that up to malware infecting the site per se, being on mac OSX I rarely worry about such things... but it seems to be working better for me and this 500 mHz machine.

Keep up the good work,
-TEL

Flee it's Swine Flu all over again!
Viruses Viruses and not a Tamaflu to drink.
Have we found the cure to Swine Flu? I THINK SO!


(Honestly I have never had any problems with malware on ATS.)

Oh, I have been meaning to make a post to one of the 3 amigos about the malware attack I received while viewing the ATS main page.

My "AGV Free Antivirus" stopped an attack on my IExplorer.exe process when I clicked on the "Home" button on the ATS navigation bar.

Since it was on the homepage, and I trust ATS, my conclusion was that it was an advertisement that cause the problem.

Either a deliberate attack, or a false positive. I didn't have enough time to see what ad's were visible because the second I got the message I shut down the iexplorer process.

But, I believe, from experience, the advertisements that are like "games" where you have to click a moving object or something, are known to cause false positives, or even known to actually be real malware.

I guess the code that is needed to track the mouse movements is almost the same code needed to log keystrokes like a key-logger, which sometimes causes false positives on anti-virus software.

I had some issues of this nature back in the December-January time frame, but rather than filing a complaint. I just installed a script blocker on my end, that seemed to have resolved the problem. I reckon this means I can turn it off and do a test run now...

nenothtu out

Originally posted by 0nce 0nce
My "AGV Free Antivirus" stopped an attack on my IExplorer.exe process when I clicked on the "Home" button on the ATS navigation bar.

Actually, the free version of AVG does give out lots of false positives, as well as categorizing many cookies as spyware.

If that happens again, see if you can U2U me any details.