jump to last post 1-23 of 23 discussions (62 posts)

Beware big, fat, red malware warning sign

  1. paradigmsearch profile image88
    paradigmsearchposted 3 years ago

    I decided to give Bubblews a break and not post their name in the title. Besides, I'm sure the critter shows up elsewhere as well.

    I was just visiting Bubblews and tried to visit a profile (a well-known Hubber as a matter of fact).

    A big, fat, red, pop-up warning sign came up, saying that page was infected by malware.

    Now here's the thing... That sign did not come from my computer. That sign did not come from my browser.

    Therefore, the sign, itself, was the malware.

    Therefore, I DID NOT CLICK ANY OF THE BUTTONS ON THAT SIGN. In fact, I DID NOT CLICK ANY BUTTON OR ICON ON THE ENTIRE SCREEN AT ALL. In fact, I DID NOT TOUCH THE KEYBOARD OR MOUSE AT ALL.

    What did I do instead? I FLIPPED OFF THE SWITCH ON THE POWER STRIP. Not using a power strip? Then PHYSICALLY UNPLUG THE COMPUTER.

    Yep. That's what I did. What you do is up to you. smile

    1. writinglover profile image85
      writingloverposted 3 years ago in reply to this

      Too late for me, too...

    2. Brett.Tesol profile image71
      Brett.Tesolposted 3 years ago in reply to this

      The problem was one rogue advert got through the normal screening. It has been removed and the site is now safe!

      . But, anyone who visitors should run a virus and malware scan to be safe.

      I recommend using Ad Block Plus plugin when writing online, as you don't want to click your own ads anyway and it protects you from this kinda stuff.

    3. SpaceShanty profile image93
      SpaceShantyposted 3 years ago in reply to this

      I just noticed the red skull next to one of my Hubs which contained a Bubblews link.

  2. NateB11 profile image92
    NateB11posted 3 years ago

    Too late for me, I already clicked on the "get me out of here" button. Hope they get these weird things worked out over there eventually.

    1. paradigmsearch profile image88
      paradigmsearchposted 3 years ago in reply to this

      Yep, I dared to go back there to my own profile this time. I was going to post this forum post there, instead of here. The thing immediately popped up again. Needless to say, think I'll stay away from there for a couple days.

  3. profile image0
    Lybrahposted 3 years ago

    Yeah, it is too late for me too.

  4. Blond Logic profile image90
    Blond Logicposted 3 years ago

    Thanks for the warning, I will give it a pass for awhile.

  5. PaulGoodman67 profile image91
    PaulGoodman67posted 3 years ago

    They've got a dodgy advert on the page is the most probable explanation.  Hopefully they will fix it soon.  Not good though.

    1. paradigmsearch profile image88
      paradigmsearchposted 3 years ago in reply to this

      Never saw an advert that blacked out the entire tab before with just the advert in the middle... And apparently showing up when you arrive at any and all pages of the website.

      @anyone Is that still going on btw? I don't want to have to turn my machine off and on again.

      1. TIMETRAVELER2 profile image92
        TIMETRAVELER2posted 3 years ago in reply to this

        My warning came from my Chrome browser and had nothing that could be clicked on.  I'm betting the site was hacked!

        1. paradigmsearch profile image88
          paradigmsearchposted 3 years ago in reply to this

          Sure looks that way...

  6. merej99 profile image89
    merej99posted 3 years ago

    Interesting!  I haven't been on Bubblews since yesterday but was just thinking about signing on.  I think I'll wait another day then.  Thanks for the heads up! smile

  7. WriteAngled profile image91
    WriteAngledposted 3 years ago

    Sigh....

    I simply switched over to IE for that site. Have been going in and out over the evening with no problems whatsoever.

    It amazes me how quickly mass hysteria can spread.

  8. paradigmsearch profile image88
    paradigmsearchposted 3 years ago

    I just thought to do a search for Bubblews malware. Looks like something has hit the fan alright...

    Don't click any of the links. They all lead to Bubblews...

  9. WriteAngled profile image91
    WriteAngledposted 3 years ago

    No, the problem is an ad server. If you don't click the ads, you are fine. As I said, I've been there all evening and my computer is clean as a whistle.

    1. paradigmsearch profile image88
      paradigmsearchposted 3 years ago in reply to this

      Have you seen the purdy, red sign while using IE? Just curious.

      1. WriteAngled profile image91
        WriteAngledposted 3 years ago in reply to this

        No, nothing showing on IE at all.

        A couple of people have reported getting very low-level, low-risk tracker software downloaded. They did not mention whether they clicked on an ad.

        I have scanned my computer and nothing whatsoever has been found.

        I'm making the most of the fact that the absence of some of the community is making my posts more noticeable. Getting good earnings tonight on the back of the popular hysteria smile

    2. NateB11 profile image92
      NateB11posted 3 years ago in reply to this

      Good to know. I was getting worried I messed up by going back on there afterward.

  10. paradigmsearch profile image88
    paradigmsearchposted 3 years ago

    Hey, guys.

    What browser were you using? What happened when you clicked the get-me-out-of-here button?

    For that matter, this question is open to anyone who clicked it.

    1. NateB11 profile image92
      NateB11posted 3 years ago in reply to this

      Firefox and I can't remember what happened. I think it just took me back to Google.

    2. writinglover profile image85
      writingloverposted 3 years ago in reply to this

      I was on Chrome and, really, nothing happened. I ran a quick scan as mistyhorizon had suggested earlier (just to be safe) and, presto...nothing. tongue I don't plan on pushing my luck either...

  11. Sue Adams profile image93
    Sue Adamsposted 3 years ago

    This has resulted in HP issuing red skull violation signs in my stats for all hubs containing links to my Bubblews a/c which I now have removed to clear the violations. Good thing I didn't actually click on the links. Should we stay clear of Bubblews for now? Has the bubble finally burst? This thread may be related.
    http://hubpages.com/forum/topic/120086#post2542048

  12. mary615 profile image95
    mary615posted 3 years ago

    There was a message tonight from the Bubbews Support team.  yes, there is Malware on the site, but the are working to clear it up.  I'm not going there until it is cleared up.  I don't want a virus on my computer!

    1. NateB11 profile image92
      NateB11posted 3 years ago in reply to this

      I hope I didn't end up with a virus. I went back on there (don't know why) and then my computer started slowing down.

    2. paradigmsearch profile image88
      paradigmsearchposted 3 years ago in reply to this

      Thanks! That clears that up.

      I hope to heck they'll announce what got installed on people's computers who clicked any of the buttons. I'm guessing a keylogger at minimum.

  13. Lisa HW profile image83
    Lisa HWposted 3 years ago

    I went there, I think, about an hour or so ago (maybe a little more).  At first I saw no problem until I clicked on a notification where someone was complaining about getting the red window with Firefox.  I commented that I've never had that with Firefox, and it was right after that that I then got the red window.  I did click "get me out of here", and nothing happened.  Neither did anything happen when I hit the back arrow.  THEN, though, when I went to my own "bank" I got the window.   I ran a scan, and one "PUP" thing showed up.  I got rid of it.

    Before leaving the site I did try to get in from the "main site" entrance, rather than the bookmarked route to my own page.  That was fine as far as I could see.  I don't know much (anything, for the most part) about this stuff, but I was under the impression it was as if my account there had been infected, and (again, don't know much about this stuff), it seemed to me I got it after either clicking on or commenting on the person's who had already been infected.

    Either way, once the red window would show up the only getting out of it was to "start clean" with a new URL (even if it was a B's URL).

    Think I'll find another way to kill time on this Saturday night

    1. paradigmsearch profile image88
      paradigmsearchposted 3 years ago in reply to this

      What with Mary's  post that Bubblews has confirmed the malware infestation, not a bad idea. big_smile

      Yesterday, Pinterest picks on us.

      Today, Bubblews (through no fault of their own) picks on us.

      I wonder who is going to torture us tomorrow?

      I tell ya, folks... Tough town, the writer's life... Basket weaving is looking better and better... big_smile

    2. TIMETRAVELER2 profile image92
      TIMETRAVELER2posted 3 years ago in reply to this

      Starting clean with a new URL does not seem to be the answer because tons of people would lose tons of income.  A better way is to use a Malware Bytes program to cleanse your computer.

  14. mistyhorizon2003 profile image91
    mistyhorizon2003posted 3 years ago

    Not worried in the least. As WriteAngled said, just don't click on any ads on there for now. If you are really worried just run a Malware Bytes scan (free download) as that gets rid of any Malware that gets on to your PC and won't cost you a bean.

    1. paradigmsearch profile image88
      paradigmsearchposted 3 years ago in reply to this

      Those aren't rogue ads. As Bubblews has stated, it's flat out malware. If you'd seen it, you'd know. And come to think of it, when it comes to malware, one doesn't always have to click to get infected.

      And while I'm at it... The malware writers are always ahead of the security software writers. I can tell you from personal experience that security software catches maybe only half the malware floating around. In other words, all security software is pretty much crap.

      1. mistyhorizon2003 profile image91
        mistyhorizon2003posted 3 years ago in reply to this

        Malware Bytes has got rid of Malware on my PC before, that no other software even spotted. It is free, and you can update it every time you use it. Truly I am not remotely worried about this warning (and apparently nor is IE). As WriteAngled said "A couple of people have reported getting very low-level, low-risk tracker software downloaded." but this appears to be the extent of it.

        1. TIMETRAVELER2 profile image92
          TIMETRAVELER2posted 3 years ago in reply to this

          Interestingly, I had just done a complete virus scan and malware scan right before this happened.  I apparently was on the site right before the block showed up on Chrome, so today am running both scans again.  I agree, Malware Bytes is a great program that really cleanses the computer of problems like this.

  15. ilikegames profile image79
    ilikegamesposted 3 years ago

    Definitely won't be going back any time soon, thanks for the heads up!

  16. gitachud profile image87
    gitachudposted 3 years ago

    Google Chrome has identified two domains that are functioning as intermediaries for distributing the malware to visitors of the site: madadsmedia and adnxs (dotcom).

    I think it is advisable to stay clear of the site until the thing clears.

    1. paradigmsearch profile image88
      paradigmsearchposted 3 years ago in reply to this

      Thanks for this info! Because of your post, I was able to find this lovely little tidbit...

      ... madadsmedia.com, adnxs.com ... infected 2227 domains so far...

      My guess is that HP slammed the door shut on these 2 bozos in time; seven years experience does indeed pay off from time to time. Hopefully, bubblews will get itself straightened out in due course.

      What a town... I think I mentioned something about basket weaving awhile back... Does anyone know where I can find a class on that? lol

    2. Thomas Swan profile image92
      Thomas Swanposted 3 years ago in reply to this

      The adnxs cookie is installed by Bubblews by the way. I remember it from when I checked all the cookies being installed on my computer after one visit to the Bubblews home page. So it's not a "hack", it's exactly what I said it is in my post below. I'm not sure about madadsmedia, but I would guess it's also part of the Bubblews information-mining package.

  17. WriteAngled profile image91
    WriteAngledposted 3 years ago

    Sigh....

    Have had an IE tab open to the site (although not active there all the time by any means) for the last 12 hours. No problems whatsoever.

    Why do people always get caught up by mass hysteria?

    1. SpaceShanty profile image93
      SpaceShantyposted 3 years ago in reply to this

      If all malware and viruses alerted you to their presents they wouldn't be doing their job properly.

  18. Thomas Swan profile image92
    Thomas Swanposted 3 years ago

    Frankly, I'm not at all surprised.

    1. The site uses tribal fusion cookies to extract personal information about its writers. This latest "malware" is in all likelihood a result of Bubblews pushing their data gathering too far and getting punished for it.
    2. It's a shady operation for which hundreds of rule-abiding writers haven't been paid. I know because I was one of them. After months of campaigning, I got my money back, but that only proves I didn't break any rules in the first place. How many others didn't waste their time after not getting paid?
    3. Notice how there's no confirmation when you click the redeem button? No balance history either. When you click that button you are completely at their mercy until the echeque arrives (or not).
    4. The site claims ownership over everything you write, and can use it freely after you're gone.
    5. The site answers only a fraction of the emails they receive, and they tend to especially ignore redemption queries.
    6. The site shows up as a scam on scamadvisor.

    The list goes on... so no, I'm not surprised by this at all. It's just another attempt by Bubblews to mine personal information. This time it was a little too invasive.

    The only thing that surprises me is how people are still here defending the site. They're the same ones that hunt down any anti-Bubblews hub on hubpages to post their oft-sycophantic comments about how wonderful Bubblews is. I'll leave people to their own conclusions about them, but to jeopardize people's computer security by calling this "hysteria" is almost beyond belief to me.

  19. Good Guy profile image95
    Good Guyposted 3 years ago

    I think I had it this time.  My laptop shows warning sign “low disc space, repair windows errors”  I click on it and the box asked me to download in 3 steps.  I clicked “download” but nothing happened,  so I clicked “save” and then “run”.  Then the RegClean Pro appeared and started scanning and ended with 513 errors.  Then I need to click “purchase” to continue.  That was the time I stopped clicking.
    Can some IT gurus help me?  Is this RegClean Pro genuine, and should I purchase to fix the errors?
    HELP!!

    1. gitachud profile image87
      gitachudposted 3 years ago in reply to this

      I bought RegClean and it does not appear to be adding any value. Don't know what think about it--maybe the gurus can shed some light.

      1. TIMETRAVELER2 profile image92
        TIMETRAVELER2posted 3 years ago in reply to this

        Reg Clean is sold by a Canadian company and is a very malicious program.  Contact them and demand your money back threatening to contact your State's Attorney General if they do not.  I fell into their trap several years ago and had to pay someone to fix my computer.  BIG ripoff.

    2. SpaceShanty profile image93
      SpaceShantyposted 3 years ago in reply to this

      I always use Malwarebytes, it is free and will get rid of most of the malware on your computer.

      1. mistyhorizon2003 profile image91
        mistyhorizon2003posted 3 years ago in reply to this

        +1 Always works for me. I love that program (saved one computer that was refusing to anything other than fill my screen with popups demanding I buy a certain software because my computer was infected). Within seconds of firing up the PC I had to quickly click on the Malware Bytes icon before the pop ups began or else I couldn't click on anything. As soon as I ran the scan (even without updating the program) Malware Bytes cured it.

        1. Jean Bakula profile image94
          Jean Bakulaposted 3 years ago in reply to this

          So is it OK to go back on? I haven't been on at all today.

          Thomas Swan, are you waiting a few seconds after you push the redeem button? It takes about 10-15 seconds to get a confirmation that Bubblews has received the info that you pushed the payout button and are ready to cash out. Once it comes up, you have to enter the amount you made up to then, and tell them how you want to redeem you money. I've been paid around 6 or so times without any problems.

          1. mistyhorizon2003 profile image91
            mistyhorizon2003posted 3 years ago in reply to this

            Yes it's fine Jean. Apparently loads of sites were affected by the same problem not just Bubblews. The rogue ad has been removed and all is back to normal.

            BTW, I think what Thomas means is that you don't get an actual email confirmation, so if you click away from the page (without getting a screenshot first) you have no evidence of having redeemed or for the amount of money you were redeeming for.

          2. paradigmsearch profile image88
            paradigmsearchposted 3 years ago in reply to this

            I've already made a new post and earned a hot 50 cents. big_smile

  20. Good Guy profile image95
    Good Guyposted 3 years ago

    My laptop hanged!!!  Now I am using my desktop.

    1. Sherry Hewins profile image96
      Sherry Hewinsposted 3 years ago in reply to this

      No no no, you should not have downloaded that. That software is very likely what is causing your problem. My advice is to try to uninstall it.

      1. Thomas Swan profile image92
        Thomas Swanposted 3 years ago in reply to this

        Agreed with Sherry. Those reg cleaners can actually mess up your computer if they delete the wrong files. Most or all of the files they "detect" are perfectly innocuous as well. They detect so many problems because they want you to buy the software. A bit of a scam really.

        1. mistyhorizon2003 profile image91
          mistyhorizon2003posted 3 years ago in reply to this

          +1

      2. Lisa HW profile image83
        Lisa HWposted 3 years ago in reply to this

        Good Guy, I'd add that besides uninstalling it "the usual way" you may have to go into your System files and find any file that gets left behind after you've thought you've uninstalled it.  There can be a left-over file or two sometimes that just-uninstalling may not get.

    2. Good Guy profile image95
      Good Guyposted 3 years ago in reply to this

      Thank you all you IT gurus.  In fact I didn't know how to "uninstall"  but luckily my son helped out.  So far this laptop has not hung.  Hope it is back to normal.

  21. Good Guy profile image95
    Good Guyposted 3 years ago

    I didn't go to Bubblews the whole day.  Anyone can give the green light?

    1. TIMETRAVELER2 profile image92
      TIMETRAVELER2posted 3 years ago in reply to this

      I was just on the site and all warnings have disappeared and things seem to be back to normal.  I did a malware scan this morning and everything was clear.

      1. NateB11 profile image92
        NateB11posted 3 years ago in reply to this

        Thanks, I was curious if it was all clear. I'll probably go over there in a bit.

      2. Good Guy profile image95
        Good Guyposted 3 years ago in reply to this

        Very good.

  22. NateB11 profile image92
    NateB11posted 3 years ago

    Thanks for the info, Brett. Just read on another thread that Wikinut was hit by a rogue ad too.

    1. joanveronica profile image92
      joanveronicaposted 3 years ago in reply to this

      I got an email from Wikinut saying they had this same problem and that it was a rogue ad and that they deleted all the ads from that same ad distributor. They claim the site is now safe again. So it wasn't just the Bubble mishandling things or trying to catch us out, or whatever. My computer shows up as clean (I hope!) even after entering the Bubble.

      1. paradigmsearch profile image88
        paradigmsearchposted 3 years ago in reply to this

        True, apparently over 2000 other sites were also affected by this adventure.

  23. paradigmsearch profile image88
    paradigmsearchposted 3 years ago

    Good morning, sports fans. Well, I did a Google search and didn't discover any new howls of anguish for the last several hours.

    So, I also peeked in and all appears well.

    Btw, something I have been noticing for a long time...

    Pretty much every site on the planet encrypts when a user logs in. As far as I can tell, Bubblews does not encrypt our passwords when we fire them off into the ether via login. Nary an "https" in the URL to be found...

    Have others noticed this?

    Is there any other way to tell whether Bubblews is encrypting or not? Maybe they are, and it's just not obvious? Kind of curious and would like to know.

 
working