xxxx.com - malware ???

[londonprive]

Hi,

I am currently doing lots of page optimisation on one of our joomla websites. Now, I use google's page performance tool and came across the following suggestion:

========================
Serve resources from a consistent URL

The following resources have identical contents, but are served from different URLs. Serve these resources from a consistent URL to save 2 request(s) and 70B.

Is it Malware, or is it a joomla thingy - or what ?

I am slightly confused to be honest. If that thing is not of benefit to me - how to get rid of it?


Cheers,
George

[dam-man]

Moved to security Forum

[leolam]

Please do not click any of the links above!

@ Mods: Please disarm these links? Sites spread malware imho

edit: removed steps since issue caused by extension as described below

Leo

[Tonie]

Links have been removed.

[leolam]

Tnx Tonie

[mdwongca]

Hi. I'm Mike Wong, Product Manager at tynt.com. Just wanted to provide some information regarding this post. I'm sorry you ran into this issue and I'm hoping we can get to the bottom of it.

I want to start by assuring you that Tynt is in no way malware or malicious. <deleted SP> We add a link to text when users copy text off your page.<deleted SP>

There's two possible ways our scripts can end up on your page. You can sign up <deleted SP> and install our script. The second possibility (which is more likely), is that we have a partnership with whos.amung.us. and you've installed the whos.amung.us widget. <deleted SP>

If neither of those situations are true, please feel free to contact me at support [at] tynt [dot] com and I'd be happy to chase this down for you.

Thanks,
Mike Wong

[leolam]

The original post contained an enormous amount of hidden links to your site(s) and a lot of undefined crap, inserted from scripts not belonging to legitimate websites. You allow through your "widgets" spam/malware to be spread and that is a crime

Be informed

Leo

edit: removed address to person involved to avoid impression of "wall of shame"

[londonprive]

Hi all,

Oh, sorry for posting the link in the first place ~ Didn't know that this was actually that threatening. Either way, have to give Mr. Wong credit as apparently we have installed a plugin which adds a link to our website on copy and paste text from any page.

However, I talked to the developers in question and apparently someone thought it would be a good idea to install a module like this, but apparently we can't find it in the plug in manager. Mr. Wong would you please do me the honour of passing me the module name information so we can remove this from our site. Page optimisation appears more important than having the "copy paste tool" on our site. Furthermore, in case this is a legitimate tool - I would start worrying about your companies reputation on the internet. Google for your link - not necessarily inviting.

@leolam: Thanks a lot for the check list - just passed it on to our developer to have a go ... very helpful !!

Well, what can I say we are new to Joomla

Many Thanks,
George

[leolam]

I want to start by assuring you that Tynt is in no way malware or malicious.

http://lifehacker.com/?_escaped_fragmen ... ste-blocks

explains a lot about this

not to mention the security and privacy concerns that come with Tynt sending tracking information to their servers without your consent.

Leo

edit: removed possible offending cynical greeting

[mandville]

Moderator comment; please do not turn this topic into a " wall of shame ".

[londonprive]

Hi,

Just a quick note, Mr. Wong has sent me information regarding the plugin via message and does help me resolving this. I agree with Mandville lets not turn this topic into a "wall of shame". I will post all the info as soon as this issue has been resolved in case anyone else needs help on this topic. Thanks for everyone's help so far !

Best,
George

[londonprive]

Hi,

Ok resolved it - Mike pointed out the component we've downloaded and installed:

http://extensions.joomla.org/extensions ... tics/12231

The whole thing installs itself as:

System - Seobooster under the plugin menu.

I have removed this and the whole thing removed itself from the site.

Thanks to everyone for the support on this.

Cheers,
George x

[leolam]

Moderator comment; please do not turn this topic into a " wall of shame ".

Never the intention for sure and modified my posts to remove that impression where that might have arisen. However I think the Joomla users should be informed about this extension and what the product does and also be informed how to Block Tynt on a PC or Mac Software that sends tracking information to their servers without my consent (!) can definitely be considered malware imho and that statement has nothing to do with "wall of shame"

Leo