Make:

• Really illegal soapbox derby
• Steampunk conference report, part II
• Datamancer's ergo board
• "Maker" is what I do, "steampunk" describes the style
• Skippy racer
• Steam Powered reaching pressure

Posted by: cyenobite2 on September 5, 2008 at 1:23 PM

Hello Makezine,
I thought I should mention this...
I just loaded your site, and as soon as the page completed loading, the page closed, and a smaller window popped up telling me that my computer was infected with a virus. I had the option to download antispywaremaster or cancel. Obviously, I hit cancel, but then got stuck in a loop of popups that kept telling me the same thing. I had to forcequit firefox. I am on a mac, using firefox, with popups blocked, so not sure how it got past that.
I don't know if I got this from your site, or from a site I had just came from, but thought you should know and be on the lookout.
I did find that it had loaded a set of cookies which I've since deleted, and everything seems fine now.
To anyone else who may have seen this popup, it is a malware program. Don't download it!
glad I have a mac, but still it was a bit of a panic there for a minute.
I have screenshots if anyone at make wishes to see the warnings.

@cyenobite2
Antispywaremaster is a variant of antispywaredeluxe. Both are a Windows only executable. The popups you're talking about don't make any sense to me. Even though you're on a Mac and using Firefox, both Mac and Firefox aren't susceptible to browser hijacks or drive by download. The only way I could think of doing this is a java app running on another webpage. It is possible for the bad guy to inject bad code into a webpage that causes Windows and Internet Explorer to run and install a virus. Spysheriff and the newer Winantivirus2008 (and others) do this. Even if the virus writer injected code into Makezine, the Mac and Firefox wouldn't and couldn't do anything with Windows code. I'm not trying to defend Makezine here, it just seems odd to me. Could you tell us what your previous websites were? I'd like to see how it was done.

A anti virus pup up opened here to, i closed it automatically, so i cant tell if its the same, but it was blue and with a little pixel looking logo at the upper right.

I thought it appeared when i clicked PLAY in this video. check it out makezine.

Posted by: cyenobite2 on September 5, 2008 at 2:34 PM

Thanks jammit, I know, I'm confused over this one too. I have only been on 4 websites today, google, youtube, and bob barr's president site (no, I'm not voting for him, just learning about what the libertarian party believes in), and chess.com. I am kinda leaning towards chess.com because they are using some fancy javascript to run their site. I also alerted them too, and of course they denied it.
I have tried re-visiting these sites today, to see if the cookies would re-appear and they have not. So perhaps I picked them up from a previous day's browsing... but then I see that lolec has had a similar problem so now I'm back to suspecting make? (Sry, I don't mean to sound accusatory).
I'm on a mac osx 10.3.9 running firefox 2.0.0.16 (if that's relevant to anyone).
Again, I'm not saying my machine was actually infected by the virus, but it's the pop-up that I'm concerned about.

Posted by: Phillip Torrone on September 5, 2008 at 3:17 PM

hiya - it wasn't MAKE. i tested this on all browsers, all OS (well, most common).

but either way, our team is looking in to it.

Posted by: cyenobite2 on September 5, 2008 at 7:36 PM

So I got home tonight and checked in on this thread to see if there were any more comments... as I was reading your response pt, the window (and url) changed with a large warning "Reported attack site" - BUT with the url that said "antispywaremaster.com" - again, I just closed the window.
I just sent you an email explain all this a little better.
I posted a screengrab to my flickr site for you to look at if you like. (link is in my email).
So a different mac, differnt operating system, newer firefox, and still something fishy is going on.
I just went through and checked some of my cookies and there were quite a few spyware associated cookies. I cleared those. Perhaps something there was being trigger by your site?
anyway... thanks to you and the team for looking into this.

@PT-

I got the virus popups as soon as I cliked on comments. Avast trapped it and aborted the connection.

First time I have gotten something off make...

This connection showed no problem. Hm.

Posted by: mrfixitrick on September 7, 2008 at 3:12 AM

There was a recent update to Firefox, but just for Mac OS 10.4 and up.

The following quote is from that Firefox 3.01 update:

# Fixed several security issues.
# Fixed several stability issues.
# Fixed an issue where the phishing and malware database did not update on first launch.
# Under certain circumstances, Firefox 3.0 did not properly save the SSL certificate exceptions list.

Would that explain the problems??

Otherwise, I loved the Jake Von Slatt video, and it played well on my Mac!! Great intro to steampunk...well done interview!

Posted by: Phillip Torrone on September 7, 2008 at 7:57 AM

we're going to remove the video, it's not coming from us - so it's a good idea to eliminate that as a variable.

Posted by: Phillip Torrone on September 7, 2008 at 8:52 AM

[Editor's note: A few commenters said there was a "pop up" when they played this video but we were unable to reproduce this. As a precaution we've removed the video and also evaluated our site for any potential pop-ups, bad javascripts, etc. We also had our team scan our entire site for any web nasty, nothing turned up but we'll continue to look in to -

we checked the site content with ClamAV antivirus and didn't find any malware, please see report below:

----------- SCAN SUMMARY -----------
Known viruses: 415407
Engine version: 0.91.1
Scanned directories: 1
Scanned files: 21514
Infected files: 0
Data scanned: 1384.82 MB
Time: 622.952 sec (10 m 22 s)

Posted by: anachrocomputer on September 8, 2008 at 8:37 AM

I've had this pop-up three times now, all when browsing Make's blog. Second time, it was caught by Firefox's anti-malware trap. I suspect it's being served by one of your advertisers. The name "antispywaremaster" was mentioned in the Firefox report.

Posted by: Phillip Torrone on September 8, 2008 at 11:29 AM

we are still looking in to this with our ad partner(s) - thanks for letting us know. we of course do not want this on our site at all.

Subscribe today, save 42% and get web access to MAKE free. MAKE Digital Edition is available only to subscribers.

$34.95 / 1 year
(4 Quarterly Issues)

Subscribe now