[Dx-qsl] QRZ.com virus?
Vlad_UA6JD
ua6jad at yandex.ru
Tue Dec 27 12:06:16 EST 2011
I just completed a security sweep of QRZ after having received several
reports of embedded viruses
on our site. The sweep consisted of downloading all of our advertiser
graphics and code and
running it through the latest Norton Internet Security, updated only
minutes prior. The scan
of the advertising images was completely clean.
Our site also disables all user Javascript on the callsign pages.
Actionscript (Flash), however,
is enabled.
Next, I used the Google Safe Browsing diagnostic available at:
http://www.google.com/safebrowsing/diagnostic?site=http://www.qrz.com
and
http://www.google.com/safebrowsing/diagnostic?site=http://forums.qrz.com
Both queries returned clean results with no prior history.
All this begs the question, i.e. "what is going on?".
At this moment we can only speculate. As the situation develops, we
would appreciate
more information about what exactly you were doing on QRZ whenever you
notice unusual
behavior.
For example:
- Which page on QRZ were you looking at?
- Were you looking at the Forums or a callsign data page?
- Were there any unusual ads, graphics, or images on the page?
- Does the web browser address begin EXACTLY with http://www.qrz.com/ ?
- Did you use a bookmark, or were you directed to QRZ from a link
on another website?
- Which anti-virus software do you use? Is it up to date?
We can solve this problem, but only with more input from those
affected. One cannot be
over-descriptive when reporting a problem such as this. Just telling
us that you got a virus
may be noteworthy but is not helpful if it lacks detailed description.
We are eager to learn the source of this issue, and will take whatever
steps are necessary
should it be determined that the problem originates from our site.
--
Fred Lloyd, AA7BQ
Publisher, QRZ.COM
flloyd at qrz.com
More information about the DX-QSL
mailing list