or Connect
New Posts  All Forums:Forum Nav:

Unsafe site ?

post #1 of 12
Thread Starter 
I got this from Norton Security as a warning of  4 current threats attacking a software bug from this website.

Is this getting nailed down or is this a constant threat  ?  What does this site do to scan any of it's content ? 

Just wondering. Thanks.
post #2 of 12
I don't get that from my AV (AVG, CA, and Norton).  Must be cause I wear my helmet while virtually skiing
post #3 of 12
I have gotten the same warning messages from Norton both times I logged into the site today.
post #4 of 12
Oops, didn't see this.

Just posted the detail in Site Suggestions.
post #5 of 12
Mcafee noted it as well...?
post #6 of 12
We asked Frank Farmer on our Huddler team to look into this:

It looks like the wordpress blog at http://esa.epicski.com was compromised on Sunday -- a single file was uploaded.  For what it's worth, that site is not served from our datacenter, and we don't actively manage/monitor it ourselves.

We've cleaned up what we've found, and are taking steps to prevent further issues.

Please let us know if you run across more wierdness.   By the way, props to Frank for all the hard work behind the scenes.  This guy has really made things happen whenever we have asked for it.   Really glad this guy is on our side
post #7 of 12
This is still persisting...whatever cleanup they did, didn't work.

FWIW, this type of thing seems to crop up every 6 months or so with regard to this site.  It may well be that some of the ability to embed ads also makes it easy to embed malware, but whatever the cause Epic is the only site I visit regularly that seems to have these issues.
post #8 of 12
Thread Starter 
x2 here   ^^^^^^^^^^
post #9 of 12
The infection is cleaned up -- you can verify this by visiting the URLs norton complains about.  They're all 404's now:


Norton simply hasn't updated their records yet.  Ted submitted a request for them to re-evaluate the site, but there's no telling how long it'll be before they bother to follow through.

After some cursory investigation, I've discovered a dozen other sites hosted on the same blog hosting platform (Media Temple) with the same infection.  We've notified Media Temple.

This only effected the esa.epicski.com wordpress blog, which we do not manage. The main epicski.com site is on separate hardware, in a separate datacenter, hosted by SoftLayer, and we do not host the vulnerable application (Wordpress).
post #10 of 12

Norton has finally reevaluated the site, and we're getting a clean bill of health again
post #11 of 12
Based on our report of this issue, MediaTemple discovered that hundreds of Wordpress blogs on their platform have been compromised by the same attack over the last few months.


The exact source of the vulnerability is still unknown.
post #12 of 12
Frank this is impressive.  Nice that you were able to help out MT.  Not so good that the internet has some really bad actors.
New Posts  All Forums:Forum Nav:
  Return Home