If you try to login from anything other than a bookmark, you're redirected to a virus site titled
***Edited: reoccurring issue, Lance, see pm's for info.
If you try to login from anything other than a bookmark, you're redirected to a virus site titled
***Edited: reoccurring issue, Lance, see pm's for info.
will call you in a bit
Lance
TLCA Member
2003 4Runner SR5 4x4 Chaos Edition
2000 Toyota Landcruiser
19xx M416 Trailer
Chaos Edition Profile
Operation Rebuilding Chaos Edition
01001001001001110110110100100000011000010010000001 11011101100101011000100111011101101000011001010110 010101101100011001010111001000100001
I could only duplicate using Google Chrome. FF & IE work fine for me.
2010 Sequoia Limited Black - Bils UCA & Shocks, Borla Cat back, Morimoto Headlights
2019 4Runner TRD Off Road Premium Dark Blue w/TRD Gunmetal Wheels - Kings/OME, 285/70R17 Nitto Ridge Grapplers, SSO BMC, TRD Skid, Victory 4x4 Blitz Sliders and Front Bumper, BD Fogs & Light Bar, Morimoto Headlights, Prinsu Rack
2023 Tacoma Trail White w/Bronze wheels - CBI T3 Side Steps
Try MalwareBytes Anti-Malware (http://download.bleepingcomputer.com...mbam-setup.exe) run a full scan and see what it finds?
'96 SR5 5VZ-FE. 89k . 265/75/16 REVO 2s. Sonoran Steel 1.2, HID projector retrofit, Lightforce 170s.
I've also had several people ask me about this on facebook over the past couple of days Mike and Lance. If you go to it from google, you get popups and redirects and all sorts of crap.
-Chris
2004 DoubleCab Tacoma PreRunner: 3.4 V6-Auto, DD/Tow Rig
1997 Lexus LX450: 4.5 I6-Auto, DD
1984 4Runner: 22R-5 speed, 14 inch bob, 5.29's, lincoln locked rear, lockright front, Armored and Caged by Mossyrocks Fabrication, total disregard for body damage.
1997 4Runner: GONE
1996 FZJ80 Land Cruiser: GONE
It's a Google problem AFAIK. Lance can offer a better explanation than me of what's actually going on. It's nothing to do with UY on our end.
2010 Sequoia Limited Black - Bils UCA & Shocks, Borla Cat back, Morimoto Headlights
2019 4Runner TRD Off Road Premium Dark Blue w/TRD Gunmetal Wheels - Kings/OME, 285/70R17 Nitto Ridge Grapplers, SSO BMC, TRD Skid, Victory 4x4 Blitz Sliders and Front Bumper, BD Fogs & Light Bar, Morimoto Headlights, Prinsu Rack
2023 Tacoma Trail White w/Bronze wheels - CBI T3 Side Steps
Holy crap! I just signed out and went from google, I couldn't delete popups fast enough. Only did it from google, if I just typed in the address, it was fine. I'm using IE right now.
My signature
Could be that your ISP's (or maybe Google's) DNS server has been had. A DNS vulnerability was recently discovered (July 08) that exploits, or poisons, the DNS's cache. Effects a ton of DNS boxes...
-Scott<br />'01 Black SR5 4x4 w/ Black Pearl's: Detroit Truetrac | Tundra/OME 890s w/ Tokico Trekmasters | SS Diff Drop/Panhard | Tundra rotors/calipers | Rear Diff Breather Extension | Hayden cooler | K&N | ISR | Deckplate | Jet Black PC'd LC 16x8's w/ LT265/75R16 Cooper S/T's
first - thanks for the head's up...
second... i tried it.
i just logged out, went to yahoo and did a search for ultimateyota.com - link worked fine for UY.
typed it in the address bar manually - worked fine.
went to google, searched, clicked on their link and...
our addy pops up in the address bar for a split second, then it's redirected to "GoogleScanners-360" and the warning window pops up. even if you click Cancel, it still redirects and shows a status bar. it looks like it's something on google's site to me, but i most-definitely could be wrong.
the one way that it does is is ONLY if you are logged out though. if you are still logged in, then it doesn't redirect you. if you click the logout button, go back to google and then click the link to UY, you get redirected.
here's my question - if it's truly on our end, then why would it only do this when someone clicks a link in a google search? if our server files were hacked, then wouldn't it work all the time on that link?
either way, it's troubling, it has our attention, and mike and lance (as well as the rest of us) are working on finding out what it is.
-andy
Shane, a big thanks to you for bringing this to our attention so we can resolve this problem.Originally Posted by NorCalBorn
Originally I thought it was a DNS related issue but after logging the redirect activity we quickly realized that it was actually originating from within our servers. After a thorough search, we noticed that we had an infected file/code that was maliciously redirecting our google search traffic. To date we're not certain how long this issue has been around but it may have originally happened when we had UY hosted with an outside service. Now that everything is in house on our own servers we can closely monitor all activities and and make sure we stay up and running
The issue has been resolved and we will be closely monitoring this issue to make sure there are no recurrence.
Thanks again for everything!
Lance
TLCA Member
2003 4Runner SR5 4x4 Chaos Edition
2000 Toyota Landcruiser
19xx M416 Trailer
Chaos Edition Profile
Operation Rebuilding Chaos Edition
01001001001001110110110100100000011000010010000001 11011101100101011000100111011101101000011001010110 010101101100011001010111001000100001