The Joomla! Forum ™

Download

Demo


Board index » Joomla! Older Version Support » Joomla! 1.5 » Security in Joomla! 1.5

Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  Page 1 of 1
  [ 13 posts ] 
  Print view Previous topic | Next topic 
Author Message
londonprive
 Post subject: xxxx.com - malware ???
PostPosted: Fri Feb 11, 2011 5:10 am 
User avatar
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Feb 11, 2011 5:02 am
Posts: 4
Location: London
Hi,

I am currently doing lots of page optimisation on one of our joomla websites. Now, I use google's page performance tool and came across the following suggestion:

========================
Serve resources from a consistent URL

The following resources have identical contents, but are served from different URLs. Serve these resources from a consistent URL to save 2 request(s) and 70B.

Is it Malware, or is it a joomla thingy - or what ?

I am slightly confused to be honest. If that thing is not of benefit to me - how to get rid of it?


Cheers,
George
Top
 Profile  
 
dam-man
 Post subject: Re: - malware ???
PostPosted: Fri Feb 11, 2011 6:57 am 
User avatar
Joomla! Exemplar
Joomla! Exemplar

Joined: Fri Sep 09, 2005 2:13 pm
Posts: 7954
Location: The Netherlands
Moved to security Forum

_________________
Robert Dam - Joomla Forum Moderator
Dutch Boards | Joomla Coding Boards | English Support Boards
Top
 Profile  
 
leolam
PostPosted: Fri Feb 11, 2011 9:25 am 
User avatar
Joomla! Master
Joomla! Master

Joined: Mon Aug 29, 2005 10:17 am
Posts: 12046
Location: Netherlands/ UK/ S'pore/Jakarta/ North America
Please do not click any of the links above!

@ Mods: Please disarm these links? Sites spread malware imho

edit: removed steps since issue caused by extension as described below

Leo 8)

_________________
--- Joomla Professional Support Services :: http://gws-desk.com ---
--- Joomla Professional and Specialized Hosting :: http://gws-host.com ---
--- Ready to Roll Joomla! Web Sites : 1 - 7 days only! :: @ gws-market.com ---


Last edited by leolam on Sat Feb 12, 2011 4:34 am, edited 1 time in total.

Top
 Profile  
 
Tonie
PostPosted: Fri Feb 11, 2011 9:34 am 
User avatar
Joomla! Master
Joomla! Master
Online

Joined: Thu Aug 18, 2005 7:13 am
Posts: 16355
Links have been removed.

_________________
Joomla forum global moderator.

Take care
Top
 Profile  
 
leolam
PostPosted: Fri Feb 11, 2011 9:37 am 
User avatar
Joomla! Master
Joomla! Master

Joined: Mon Aug 29, 2005 10:17 am
Posts: 12046
Location: Netherlands/ UK/ S'pore/Jakarta/ North America
Tnx Tonie 8)

_________________
--- Joomla Professional Support Services :: http://gws-desk.com ---
--- Joomla Professional and Specialized Hosting :: http://gws-host.com ---
--- Ready to Roll Joomla! Web Sites : 1 - 7 days only! :: @ gws-market.com ---
Top
 Profile  
 
mdwongca
PostPosted: Fri Feb 11, 2011 5:07 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Feb 11, 2011 4:54 pm
Posts: 1
Hi. I'm Mike Wong, Product Manager at tynt.com. Just wanted to provide some information regarding this post. I'm sorry you ran into this issue and I'm hoping we can get to the bottom of it.

I want to start by assuring you that Tynt is in no way malware or malicious. <deleted SP> We add a link to text when users copy text off your page.<deleted SP>

There's two possible ways our scripts can end up on your page. You can sign up <deleted SP> and install our script. The second possibility (which is more likely), is that we have a partnership with whos.amung.us. and you've installed the whos.amung.us widget. <deleted SP>

If neither of those situations are true, please feel free to contact me at support [at] tynt [dot] com and I'd be happy to chase this down for you.

Thanks,
Mike Wong


Last edited by mandville on Fri Feb 11, 2011 5:46 pm, edited 1 time in total.
removed self promotion, and "partner promotion"


Top
 Profile  
 
leolam
PostPosted: Fri Feb 11, 2011 5:32 pm 
User avatar
Joomla! Master
Joomla! Master

Joined: Mon Aug 29, 2005 10:17 am
Posts: 12046
Location: Netherlands/ UK/ S'pore/Jakarta/ North America
The original post contained an enormous amount of hidden links to your site(s) and a lot of undefined crap, inserted from scripts not belonging to legitimate websites. You allow through your "widgets" spam/malware to be spread and that is a crime

Be informed

Leo 8)

edit: removed address to person involved to avoid impression of "wall of shame"

_________________
--- Joomla Professional Support Services :: http://gws-desk.com ---
--- Joomla Professional and Specialized Hosting :: http://gws-host.com ---
--- Ready to Roll Joomla! Web Sites : 1 - 7 days only! :: @ gws-market.com ---


Last edited by leolam on Sat Feb 12, 2011 4:36 am, edited 1 time in total.

Top
 Profile  
 
londonprive
PostPosted: Fri Feb 11, 2011 5:50 pm 
User avatar
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Feb 11, 2011 5:02 am
Posts: 4
Location: London
Hi all,

Oh, sorry for posting the link in the first place ~ Didn't know that this was actually that threatening. Either way, have to give Mr. Wong credit as apparently we have installed a plugin which adds a link to our website on copy and paste text from any page.

However, I talked to the developers in question and apparently someone thought it would be a good idea to install a module like this, but apparently we can't find it in the plug in manager. Mr. Wong would you please do me the honour of passing me the module name information so we can remove this from our site. Page optimisation appears more important than having the "copy paste tool" on our site. Furthermore, in case this is a legitimate tool - I would start worrying about your companies reputation on the internet. Google for your link - not necessarily inviting.

@leolam: Thanks a lot for the check list - just passed it on to our developer to have a go ... very helpful !!

Well, what can I say we are new to Joomla :D

Many Thanks,
George
Top
 Profile  
 
leolam
PostPosted: Fri Feb 11, 2011 6:13 pm 
User avatar
Joomla! Master
Joomla! Master

Joined: Mon Aug 29, 2005 10:17 am
Posts: 12046
Location: Netherlands/ UK/ S'pore/Jakarta/ North America
mdwongca wrote:
I want to start by assuring you that Tynt is in no way malware or malicious.
http://lifehacker.com/?_escaped_fragmen ... ste-blocks

explains a lot about this
Quote:
not to mention the security and privacy concerns that come with Tynt sending tracking information to their servers without your consent.


Leo 8)

edit: removed possible offending cynical greeting

_________________
--- Joomla Professional Support Services :: http://gws-desk.com ---
--- Joomla Professional and Specialized Hosting :: http://gws-host.com ---
--- Ready to Roll Joomla! Web Sites : 1 - 7 days only! :: @ gws-market.com ---


Last edited by leolam on Sat Feb 12, 2011 4:19 am, edited 2 times in total.

Top
 Profile  
 
mandville
PostPosted: Fri Feb 11, 2011 6:41 pm 
User avatar
Joomla! Master
Joomla! Master

Joined: Mon Mar 20, 2006 1:56 am
Posts: 11706
Location: The Girly Side of Joomla in Sussex
Moderator comment; please do not turn this topic into a " wall of shame ".

_________________
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be added to the foe list and possibly just deleted
{Community.Connect Administrator }{ Showcase & Security Moderator}
Top
 Profile  
 
londonprive
PostPosted: Fri Feb 11, 2011 11:35 pm 
User avatar
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Feb 11, 2011 5:02 am
Posts: 4
Location: London
Hi,

Just a quick note, Mr. Wong has sent me information regarding the plugin via message and does help me resolving this. I agree with Mandville lets not turn this topic into a "wall of shame". I will post all the info as soon as this issue has been resolved in case anyone else needs help on this topic. Thanks for everyone's help so far !

Best,
George
Top
 Profile  
 
londonprive
PostPosted: Sat Feb 12, 2011 12:40 am 
User avatar
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Feb 11, 2011 5:02 am
Posts: 4
Location: London
Hi,

Ok resolved it - Mike pointed out the component we've downloaded and installed:

http://extensions.joomla.org/extensions ... tics/12231

The whole thing installs itself as:

System - Seobooster under the plugin menu.

I have removed this and the whole thing removed itself from the site.

Thanks to everyone for the support on this.

Cheers,
George x
Top
 Profile  
 
leolam
PostPosted: Sat Feb 12, 2011 4:32 am 
User avatar
Joomla! Master
Joomla! Master

Joined: Mon Aug 29, 2005 10:17 am
Posts: 12046
Location: Netherlands/ UK/ S'pore/Jakarta/ North America
mandville wrote:
Moderator comment; please do not turn this topic into a " wall of shame ".
Never the intention for sure and modified my posts to remove that impression where that might have arisen. However I think the Joomla users should be informed about this extension and what the product does and also be informed how to Block Tynt on a PC or Mac Software that sends tracking information to their servers without my consent (!) can definitely be considered malware imho and that statement has nothing to do with "wall of shame"

Leo 8)

_________________
--- Joomla Professional Support Services :: http://gws-desk.com ---
--- Joomla Professional and Specialized Hosting :: http://gws-host.com ---
--- Ready to Roll Joomla! Web Sites : 1 - 7 days only! :: @ gws-market.com ---
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 13 posts ] 


Board index » Joomla! Older Version Support » Joomla! 1.5 » Security in Joomla! 1.5

Who is online

Users browsing this forum: Majestic-12 [Bot] and 18 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group