Dulwich Hill Bicycle Club

Is it just me that is getting messages that DHBC is blocked? Today I did a search for it in google, when I clicked on the link a message came up saying blocked site, installs malicious software?

I then typed the URL directly, Mozilla did the same thing. I had to change security settings to get on here. Anyone looking into this?

JB

I just had a look. Google says:

What is the current listing status for www.dhbc.org.au?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 1 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-02-04, and the last time suspicious content was found on this site was on 2010-02-04.

Malicious software includes 1 exploit(s). Successful infection resulted in an average of 2 new process(es) on the target machine.

Malicious software is hosted on 1 domain(s), including secureantibot.net/.

This site was hosted on 1 network(s) including AS25653 (FORTRESSITX).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, www.dhbc.org.au did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

it sounds like it may be to do with a general problem on the site servers.

Safe Browsing
Diagnostic page for AS25653 (FORTRESSITX)

What happened when Google visited sites hosted on this network?

Of the 15623 site(s) we tested on this network over the past 90 days, 955 site(s), including, for example, flashgamesite.com/, mvmtravel.com/, cheapwowgold.com/, served content that resulted in malicious software being downloaded and installed without user consent.

The last time Google tested a site on this network was on 2010-02-05, and the last time suspicious content was found was on 2010-02-05.

Has this network hosted sites acting as intermediaries for further malware distribution?

Over the past 90 days, we found 37 site(s) on this network, including, for example, littlepearls.in/, culturainah.org/, 4queens.co.uk/, that appeared to function as intermediaries for the infection of 110 other site(s) including, for example, pray.or.kr/, downtownmadrid.es/, phimaiparadise.com/.

Has this network hosted sites that have distributed malware?

Yes, this network has hosted sites that have distributed malicious software in the past 90 days. We found 36 site(s), including, for example, axe0911.freesitespace.net/, delhicakesngifts.com/, electronicstoday.org/, that infected 1499 other site(s), including, for example, cr3.go.th/, jnooon.com/, ugr.es/.

Next steps:

* Return to the previous page.

Site's front page got hacked yesterday and Jimmy has cleaned it up and seemed to have solved the problem. I am not sure if there are more malwares embedded since.

I understand the forum is unaffected.

On Thursday I noticed a "user bandwidth exceeded" message when I tried to log in. The site was off for around half the day.

Wonder if that was the result of a "brute force" hack?

On Friday the site was blocked on my work computer.
I had to resort to doing work.

Paul

As Weiyun said we got hacked on Thur 4/2/10. James C removed the offending code and files on Fri at around 15:00. The error you are seeing is because for 24 hours our site did have "Of the 1 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent".

The site is now fine. the hack only effected Internet Explorer and Windows and was a browser highjack. If you are being prevented from accessing the site then its your firewall or other security software that is preventing you accessing.

the hack only effected Internet Explorer and Windows and was a browser highjack.

I was getting the error on Firefox from 30th Jan...?

It happened last month also, on the last day of the month, then everything fine on the first day of the new month.

I think the loss of accesses towards the last few days of the month were due to excessive data usage, a block placed by the host provider rather than any hack related issues.