Life In 19x19

Hey recently my browser has directed me away from any site linked to yutopian enterprises because of malware being hosted on their site. Has anyone else seen this problem? I heard in the past that it was a small family company, so how would one go about letting them know their site might be compromised.

Your browser won't let you get to the site even enough to see their contact address? (there are ways to do this safely or should be. Depends on what your browser can do in terms of its settings and whether you know how to set up a "user" on your computerr with minimal rights)

BTW -- how about telling us what browser and what settings? I'm not experiencing any serious problems with the site.

info@yutopian.com is the contact email address

http://www.google.com/safebrowsing/diagnostic?site=http://www.yutopian.com/go/&hl=en

Here is the google diagnostics of the page.
I use google chrome and, while I'm not security illiterate I generally stay away from site that my computer outright tells me to avoid for lack of a better understanding of the risks.

Ignoring the warning in firefox, I could have a look in the source code of the webpage. It starts

#!/usr/bin/perl

and goes on with code. Not what one would expect from a serious, ordinary webpage. So it could indeed be the case that malware has attacked poor Yutopian. But I have not attempted to understand the source code. Maybe it was intentional? Anyway I suggest going back to good old plain HTML without any scripts.

RobertJasiek wrote:Ignoring the warning in firefox, I could have a look in the source code of the webpage. It starts

#!/usr/bin/perl

and goes on with code. Not what one would expect from a serious, ordinary webpage. So it could indeed be the case that malware has attacked poor Yutopian. But I have not attempted to understand the source code. Maybe it was intentional? Anyway I suggest going back to good old plain HTML without any scripts.

CGI scripts are usually in Perl...

http://www.virustotal.com/url-scan/repo ... 1291678715

3 out of 6 webscan sites see it as giving the impression of having malware.

Firefox, G-Data, Google suggest its a malware site,
Opera, ParetoLogic, Phishtank suggest its a clean site.

I guess there is a least something about the way the site is coded that looks suspicious to the automated testing tools.

No need to go so far, take a look at the html source : an 1x1px iframe was added on the bottom of the page, that loads the probable malware from another page.

In other words, yutopian was hacked discretely.

RobertJasiek wrote:Ignoring the warning in firefox, I could have a look in the source code of the webpage. It starts

#!/usr/bin/perl

and goes on with code. Not what one would expect from a serious, ordinary webpage. So it could indeed be the case that malware has attacked poor Yutopian. But I have not attempted to understand the source code. Maybe it was intentional? Anyway I suggest going back to good old plain HTML without any scripts.

Actually, going back slightly further, to paper mail and paper magazines, would be safer still.
Come to think of it, I never heard of cave drawings hosting malware neither.

Brb. Out to get a bucket of animal pigments.

Bantari wrote:[Actually, going back slightly further, to paper mail and paper magazines, would be safer still.
Come to think of it, I never heard of cave drawings hosting malware neither.

Brb. Out to get a bucket of animal pigments.

No need to go so far: http://www.fountainpennetwork.com/forum/

Norton safeweb gives the following info

Embedded Link To Malicious Site (what's this?)

Threats found: 1
Here is a complete list: (for more information about a specific threat, click on the Threat Name below)
Threat Name: Embedded link to malicious site guwtron.com
Location: http://www.yutopian.com/

I have not bought from them for a long time and probably will not do so again, but in the past I have found them very easy to deal with. Perhaps someone should call them in person and direct them to this thread.

I have had a reply from katherine & sidney at yutopian saying they believe this problem has been resolved.

http://www.virustotal.com/url-scan/repo ... 1292001821

I see that all 6 testing sites give it a clean bill of health now, so its looking good.