FanPost

Your Help with Virus Eradication Test Kindly Requested

Quick introduction - I'm Trei Brundrett, I lead the product and technology team at SB Nation.

We have been working hard to resolve the virus attack that some of you here at Blazersedge have experienced. 

THANKS FOR YOUR HELP SO FAR

I want to thank all the members of this community who have experienced the recent virus attack, sent us reports on the problem and answered our follow-up questions. That has been extremely helpful in giving us more information to work with as we track down this problem. It's especially helpful since our team has been unable to recreate the attack on what appears to be the target environment - Windows and Internet Explorer. Fighting an attack that we can't see is extremely frustrating and we need your help.

WHAT ARE WE TALKING ABOUT?

If you haven't yet experienced this virus attack, it's a particularly heinous strain of malware. Win32/FakeAV is a family of trojans disguised as legitimate anti-virus and anti-spyware software. FakeAV variants prompt the user with false warnings, popups, and fake scan results, and may also download additional malware. 

We have already tried a wide variety of methods to determine how the attack may or may not be delivered through our network including scanning the ad banners from our ad server and the code from our own pages. We have found nothing malicious. We have even tried rolling stoppages on the 3rd party ad networks. Reports of attacks have continued.

MALWARE HUNTING

Today, we are attempting to isolate the source of the attack with a test designed to rule-out (or indict) our ad server and any of the ads it serves as the culprit. We chose Blazersedge for this because as I said many of you have sent us reports and been incredibly helpful already.

What is the test?

This afternoon we suspended delivery of ALL ads on Blazersedge.

Now, we need your help.

Here is what we're asking:

1) Please send us a report if you experience the attack in the next 24 hours. The best way to do this is via our contact form:

http://www.sbnation.com/pages/contact?community_id=37

Even if you've previously sent us a report about the attack, we need to know that it's still happening after we disabled all the advertising on the site.

We need as many folks' help here as possible.

2) If you experience the attack, use IE 8 and you have software like Avast that stops the redirect to the Fake AV screen and keeps you on the Blazersedge site, we have an extra special request. Follow a few simple instructions to capture the HTML on the site and send it to us. The instructions are across the jump.

I'm happy to answer questions in the comments. And I really appreciate your assistance in eradicating this scourge.

While browsing SB Nation sites using Internet Explorer 8, if you see a virus warning or other signs of malware (unusual ads, strange pop-ups, etc.) please help us by doing the following:

 

1) In your browser toolbar, in the upper-right-hand corner, click "Tools," then select "Developer Tools."

 

Ie8-dev-tools-1_medium

 

2) In the Developer Tools window that appears, click the "Save HTML" icon.

 

Ie8-dev-tools-2_medium

 

3) Save the file to your desktop.

4) Attach the file to an email to support@sbnation.com and prefix your subject line with 'BLAZERSEDGE'.

This information will help us track down the source of the evil behavior. Thank you for your help.

X
Log In Sign Up

forgot?
Log In Sign Up

Forgot password?

We'll email you a reset link.

If you signed up using a 3rd party account like Facebook or Twitter, please login with it instead.

Forgot password?

Try another email?

Almost done,

By becoming a registered user, you are also agreeing to our Terms and confirming that you have read our Privacy Policy.

Join Blazer's Edge

You must be a member of Blazer's Edge to participate.

We have our own Community Guidelines at Blazer's Edge. You should read them.

Join Blazer's Edge

You must be a member of Blazer's Edge to participate.

We have our own Community Guidelines at Blazer's Edge. You should read them.

Spinner.vc97ec6e

Authenticating

Great!

Choose an available username to complete sign up.

In order to provide our users with a better overall experience, we ask for more information from Facebook when using it to login so that we can learn more about our audience and provide you with the best possible experience. We do not store specific user data and the sharing of it is not required to login with Facebook.

tracking_pixel_9347_tracker