Beware big, fat, red malware warning sign

1. 61

   paradigmsearchposted 10 years ago

   I decided to give Bubblews a break and not post their name in the title. Besides, I'm sure the critter shows up elsewhere as well.
   
   I was just visiting Bubblews and tried to visit a profile (a well-known Hubber as a matter of fact).
   
   A big, fat, red, pop-up warning sign came up, saying that page was infected by malware.
   
   Now here's the thing... That sign did not come from my computer. That sign did not come from my browser.
   
   Therefore, the sign, itself, was the malware.
   
   Therefore, I DID NOT CLICK ANY OF THE BUTTONS ON THAT SIGN. In fact, I DID NOT CLICK ANY BUTTON OR ICON ON THE ENTIRE SCREEN AT ALL. In fact, I DID NOT TOUCH THE KEYBOARD OR MOUSE AT ALL.
   
   What did I do instead? I FLIPPED OFF THE SWITCH ON THE POWER STRIP. Not using a power strip? Then PHYSICALLY UNPLUG THE COMPUTER.
   
   Yep. That's what I did. What you do is up to you.

   replyreport
   1. 77

      writingloverposted 10 years agoin reply to this

      Too late for me, too...

      replyreport
   2. 54

      Brett.Tesolposted 10 years agoin reply to this

      The problem was one rogue advert got through the normal screening. It has been removed and the site is now safe!
      
      . But, anyone who visitors should run a virus and malware scan to be safe.
      
      I recommend using Ad Block Plus plugin when writing online, as you don't want to click your own ads anyway and it protects you from this kinda stuff.

      replyreport
   3. 94

      SpaceShantyposted 10 years agoin reply to this

      I just noticed the red skull next to one of my Hubs which contained a Bubblews link.

      replyreport
2. 88

   NateB11posted 10 years ago

   Too late for me, I already clicked on the "get me out of here" button. Hope they get these weird things worked out over there eventually.

   replyreport
   1. 61

      paradigmsearchposted 10 years agoin reply to this

      Yep, I dared to go back there to my own profile this time. I was going to post this forum post there, instead of here. The thing immediately popped up again. Needless to say, think I'll stay away from there for a couple days.

      replyreport
3. 0

   Lybrahposted 10 years ago

   Yeah, it is too late for me too.

   replyreport
4. 93

   Blond Logicposted 10 years ago

   Thanks for the warning, I will give it a pass for awhile.

   replyreport
5. 94

   PaulGoodman67posted 10 years ago

   They've got a dodgy advert on the page is the most probable explanation.  Hopefully they will fix it soon.  Not good though.

   replyreport
   1. 61

      paradigmsearchposted 10 years agoin reply to this

      Never saw an advert that blacked out the entire tab before with just the advert in the middle... And apparently showing up when you arrive at any and all pages of the website.
      
      @anyone Is that still going on btw? I don't want to have to turn my machine off and on again.

      replyreport
      1. 84

         TIMETRAVELER2posted 10 years agoin reply to this

         My warning came from my Chrome browser and had nothing that could be clicked on.  I'm betting the site was hacked!

         replyreport
         1. 61

            paradigmsearchposted 10 years agoin reply to this

            Sure looks that way...

            replyreport
6. 75

   merej99posted 10 years ago

   Interesting!  I haven't been on Bubblews since yesterday but was just thinking about signing on.  I think I'll wait another day then.  Thanks for the heads up!

   replyreport
7. 74

   WriteAngledposted 10 years ago

   Sigh....
   
   I simply switched over to IE for that site. Have been going in and out over the evening with no problems whatsoever.
   
   It amazes me how quickly mass hysteria can spread.

   replyreport
8. 61

   paradigmsearchposted 10 years ago

   I just thought to do a search for Bubblews malware. Looks like something has hit the fan alright...
   
   Don't click any of the links. They all lead to Bubblews...

   replyreport
9. 74

   WriteAngledposted 10 years ago

   No, the problem is an ad server. If you don't click the ads, you are fine. As I said, I've been there all evening and my computer is clean as a whistle.

   replyreport
   1. 61

      paradigmsearchposted 10 years agoin reply to this

      Have you seen the purdy, red sign while using IE? Just curious.

      replyreport
      1. 74

         WriteAngledposted 10 years agoin reply to this

         No, nothing showing on IE at all.
         
         A couple of people have reported getting very low-level, low-risk tracker software downloaded. They did not mention whether they clicked on an ad.
         
         I have scanned my computer and nothing whatsoever has been found.
         
         I'm making the most of the fact that the absence of some of the community is making my posts more noticeable. Getting good earnings tonight on the back of the popular hysteria

         replyreport
   2. 88

      NateB11posted 10 years agoin reply to this

      Good to know. I was getting worried I messed up by going back on there afterward.

      replyreport
10. 61

    paradigmsearchposted 10 years ago

    Hey, guys.
    
    What browser were you using? What happened when you clicked the get-me-out-of-here button?
    
    For that matter, this question is open to anyone who clicked it.

    replyreport
    1. 88

       NateB11posted 10 years agoin reply to this

       Firefox and I can't remember what happened. I think it just took me back to Google.

       replyreport
    2. 77

       writingloverposted 10 years agoin reply to this

       I was on Chrome and, really, nothing happened. I ran a quick scan as mistyhorizon had suggested earlier (just to be safe) and, presto...nothing. I don't plan on pushing my luck either...

       replyreport
11. 96

    Sue Adamsposted 10 years ago

    This has resulted in HP issuing red skull violation signs in my stats for all hubs containing links to my Bubblews a/c which I now have removed to clear the violations. Good thing I didn't actually click on the links. Should we stay clear of Bubblews for now? Has the bubble finally burst? This thread may be related.
    http://hubpages.com/forum/topic/120086#post2542048

    replyreport
12. 82

    mary615posted 10 years ago

    There was a message tonight from the Bubbews Support team.  yes, there is Malware on the site, but the are working to clear it up.  I'm not going there until it is cleared up.  I don't want a virus on my computer!

    replyreport
    1. 88

       NateB11posted 10 years agoin reply to this

       I hope I didn't end up with a virus. I went back on there (don't know why) and then my computer started slowing down.

       replyreport
    2. 61

       paradigmsearchposted 10 years agoin reply to this

       Thanks! That clears that up.
       
       I hope to heck they'll announce what got installed on people's computers who clicked any of the buttons. I'm guessing a keylogger at minimum.

       replyreport
13. 62

    Lisa HWposted 10 years ago

    I went there, I think, about an hour or so ago (maybe a little more).  At first I saw no problem until I clicked on a notification where someone was complaining about getting the red window with Firefox.  I commented that I've never had that with Firefox, and it was right after that that I then got the red window.  I did click "get me out of here", and nothing happened.  Neither did anything happen when I hit the back arrow.  THEN, though, when I went to my own "bank" I got the window.   I ran a scan, and one "PUP" thing showed up.  I got rid of it.
    
    Before leaving the site I did try to get in from the "main site" entrance, rather than the bookmarked route to my own page.  That was fine as far as I could see.  I don't know much (anything, for the most part) about this stuff, but I was under the impression it was as if my account there had been infected, and (again, don't know much about this stuff), it seemed to me I got it after either clicking on or commenting on the person's who had already been infected.
    
    Either way, once the red window would show up the only getting out of it was to "start clean" with a new URL (even if it was a B's URL).
    
    Think I'll find another way to kill time on this Saturday night

    replyreport
    1. 61

       paradigmsearchposted 10 years agoin reply to this

       What with Mary's  post that Bubblews has confirmed the malware infestation, not a bad idea.
       
       Yesterday, Pinterest picks on us.
       
       Today, Bubblews (through no fault of their own) picks on us.
       
       I wonder who is going to torture us tomorrow?
       
       I tell ya, folks... Tough town, the writer's life... Basket weaving is looking better and better...

       replyreport
    2. 84

       TIMETRAVELER2posted 10 years agoin reply to this

       Starting clean with a new URL does not seem to be the answer because tons of people would lose tons of income.  A better way is to use a Malware Bytes program to cleanse your computer.

       replyreport
14. 87

    mistyhorizon2003posted 10 years ago

    Not worried in the least. As WriteAngled said, just don't click on any ads on there for now. If you are really worried just run a Malware Bytes scan (free download) as that gets rid of any Malware that gets on to your PC and won't cost you a bean.

    replyreport
    1. 61

       paradigmsearchposted 10 years agoin reply to this

       Those aren't rogue ads. As Bubblews has stated, it's flat out malware. If you'd seen it, you'd know. And come to think of it, when it comes to malware, one doesn't always have to click to get infected.
       
       And while I'm at it... The malware writers are always ahead of the security software writers. I can tell you from personal experience that security software catches maybe only half the malware floating around. In other words, all security software is pretty much crap.

       replyreport
       1. 87

          mistyhorizon2003posted 10 years agoin reply to this

          Malware Bytes has got rid of Malware on my PC before, that no other software even spotted. It is free, and you can update it every time you use it. Truly I am not remotely worried about this warning (and apparently nor is IE). As WriteAngled said "A couple of people have reported getting very low-level, low-risk tracker software downloaded." but this appears to be the extent of it.

          replyreport
          1. 84

             TIMETRAVELER2posted 10 years agoin reply to this

             Interestingly, I had just done a complete virus scan and malware scan right before this happened.  I apparently was on the site right before the block showed up on Chrome, so today am running both scans again.  I agree, Malware Bytes is a great program that really cleanses the computer of problems like this.

             replyreport
15. 61

    ilikegamesposted 10 years ago

    Definitely won't be going back any time soon, thanks for the heads up!

    replyreport
16. 68

    gitachudposted 10 years ago

    Google Chrome has identified two domains that are functioning as intermediaries for distributing the malware to visitors of the site: madadsmedia and adnxs (dotcom).
    
    I think it is advisable to stay clear of the site until the thing clears.

    replyreport
    1. 61

       paradigmsearchposted 10 years agoin reply to this

       Thanks for this info! Because of your post, I was able to find this lovely little tidbit...
       
       ... madadsmedia.com, adnxs.com ... infected 2227 domains so far...
       
       My guess is that HP slammed the door shut on these 2 bozos in time; seven years experience does indeed pay off from time to time. Hopefully, bubblews will get itself straightened out in due course.
       
       What a town... I think I mentioned something about basket weaving awhile back... Does anyone know where I can find a class on that?

       replyreport
    2. 97

       Thomas Swanposted 10 years agoin reply to this

       The adnxs cookie is installed by Bubblews by the way. I remember it from when I checked all the cookies being installed on my computer after one visit to the Bubblews home page. So it's not a "hack", it's exactly what I said it is in my post below. I'm not sure about madadsmedia, but I would guess it's also part of the Bubblews information-mining package.

       replyreport
17. 74

    WriteAngledposted 10 years ago

    Sigh....
    
    Have had an IE tab open to the site (although not active there all the time by any means) for the last 12 hours. No problems whatsoever.
    
    Why do people always get caught up by mass hysteria?

    replyreport
    1. 94

       SpaceShantyposted 10 years agoin reply to this

       If all malware and viruses alerted you to their presents they wouldn't be doing their job properly.

       replyreport
18. 97

    Thomas Swanposted 10 years ago

    Frankly, I'm not at all surprised.
    
    1. The site uses tribal fusion cookies to extract personal information about its writers. This latest "malware" is in all likelihood a result of Bubblews pushing their data gathering too far and getting punished for it.
    2. It's a shady operation for which hundreds of rule-abiding writers haven't been paid. I know because I was one of them. After months of campaigning, I got my money back, but that only proves I didn't break any rules in the first place. How many others didn't waste their time after not getting paid?
    3. Notice how there's no confirmation when you click the redeem button? No balance history either. When you click that button you are completely at their mercy until the echeque arrives (or not).
    4. The site claims ownership over everything you write, and can use it freely after you're gone.
    5. The site answers only a fraction of the emails they receive, and they tend to especially ignore redemption queries.
    6. The site shows up as a scam on scamadvisor.
    
    The list goes on... so no, I'm not surprised by this at all. It's just another attempt by Bubblews to mine personal information. This time it was a little too invasive.
    
    The only thing that surprises me is how people are still here defending the site. They're the same ones that hunt down any anti-Bubblews hub on hubpages to post their oft-sycophantic comments about how wonderful Bubblews is. I'll leave people to their own conclusions about them, but to jeopardize people's computer security by calling this "hysteria" is almost beyond belief to me.

    replyreport
19. 84

    Good Guyposted 10 years ago

    I think I had it this time.  My laptop shows warning sign “low disc space, repair windows errors”  I click on it and the box asked me to download in 3 steps.  I clicked “download” but nothing happened,  so I clicked “save” and then “run”.  Then the RegClean Pro appeared and started scanning and ended with 513 errors.  Then I need to click “purchase” to continue.  That was the time I stopped clicking.
    Can some IT gurus help me?  Is this RegClean Pro genuine, and should I purchase to fix the errors?
    HELP!!

    replyreport
    1. 68

       gitachudposted 10 years agoin reply to this

       I bought RegClean and it does not appear to be adding any value. Don't know what think about it--maybe the gurus can shed some light.

       replyreport
       1. 84

          TIMETRAVELER2posted 10 years agoin reply to this

          Reg Clean is sold by a Canadian company and is a very malicious program.  Contact them and demand your money back threatening to contact your State's Attorney General if they do not.  I fell into their trap several years ago and had to pay someone to fix my computer.  BIG ripoff.

          replyreport
    2. 94

       SpaceShantyposted 10 years agoin reply to this

       I always use Malwarebytes, it is free and will get rid of most of the malware on your computer.

       replyreport
       1. 87

          mistyhorizon2003posted 10 years agoin reply to this

          +1 Always works for me. I love that program (saved one computer that was refusing to anything other than fill my screen with popups demanding I buy a certain software because my computer was infected). Within seconds of firing up the PC I had to quickly click on the Malware Bytes icon before the pop ups began or else I couldn't click on anything. As soon as I ran the scan (even without updating the program) Malware Bytes cured it.

          replyreport
          1. 94

             Jean Bakulaposted 10 years agoin reply to this

             So is it OK to go back on? I haven't been on at all today.
             
             Thomas Swan, are you waiting a few seconds after you push the redeem button? It takes about 10-15 seconds to get a confirmation that Bubblews has received the info that you pushed the payout button and are ready to cash out. Once it comes up, you have to enter the amount you made up to then, and tell them how you want to redeem you money. I've been paid around 6 or so times without any problems.

             replyreport
             1. 87

                mistyhorizon2003posted 10 years agoin reply to this

                Yes it's fine Jean. Apparently loads of sites were affected by the same problem not just Bubblews. The rogue ad has been removed and all is back to normal.
                
                BTW, I think what Thomas means is that you don't get an actual email confirmation, so if you click away from the page (without getting a screenshot first) you have no evidence of having redeemed or for the amount of money you were redeeming for.

                replyreport
             2. 61

                paradigmsearchposted 10 years agoin reply to this

                I've already made a new post and earned a hot 50 cents.

                replyreport
20. 84

    Good Guyposted 10 years ago

    My laptop hanged!!!  Now I am using my desktop.

    replyreport
    1. 92

       Sherry Hewinsposted 10 years agoin reply to this

       No no no, you should not have downloaded that. That software is very likely what is causing your problem. My advice is to try to uninstall it.

       replyreport
       1. 97

          Thomas Swanposted 10 years agoin reply to this

          Agreed with Sherry. Those reg cleaners can actually mess up your computer if they delete the wrong files. Most or all of the files they "detect" are perfectly innocuous as well. They detect so many problems because they want you to buy the software. A bit of a scam really.

          replyreport
          1. 87

             mistyhorizon2003posted 10 years agoin reply to this

             +1

             replyreport
       2. 62

          Lisa HWposted 10 years agoin reply to this

          Good Guy, I'd add that besides uninstalling it "the usual way" you may have to go into your System files and find any file that gets left behind after you've thought you've uninstalled it.  There can be a left-over file or two sometimes that just-uninstalling may not get.

          replyreport
    2. 84

       Good Guyposted 10 years agoin reply to this

       Thank you all you IT gurus.  In fact I didn't know how to "uninstall"  but luckily my son helped out.  So far this laptop has not hung.  Hope it is back to normal.

       replyreport
21. 84

    Good Guyposted 10 years ago

    I didn't go to Bubblews the whole day.  Anyone can give the green light?

    replyreport
    1. 84

       TIMETRAVELER2posted 10 years agoin reply to this

       I was just on the site and all warnings have disappeared and things seem to be back to normal.  I did a malware scan this morning and everything was clear.

       replyreport
       1. 88

          NateB11posted 10 years agoin reply to this

          Thanks, I was curious if it was all clear. I'll probably go over there in a bit.

          replyreport
       2. 84

          Good Guyposted 10 years agoin reply to this

          Very good.

          replyreport
22. 88

    NateB11posted 10 years ago

    Thanks for the info, Brett. Just read on another thread that Wikinut was hit by a rogue ad too.

    replyreport
    1. 69

       joanveronicaposted 10 years agoin reply to this

       I got an email from Wikinut saying they had this same problem and that it was a rogue ad and that they deleted all the ads from that same ad distributor. They claim the site is now safe again. So it wasn't just the Bubble mishandling things or trying to catch us out, or whatever. My computer shows up as clean (I hope!) even after entering the Bubble.

       replyreport
       1. 61

          paradigmsearchposted 10 years agoin reply to this

          True, apparently over 2000 other sites were also affected by this adventure.

          replyreport
23. 61

    paradigmsearchposted 10 years ago

    Good morning, sports fans. Well, I did a Google search and didn't discover any new howls of anguish for the last several hours.
    
    So, I also peeked in and all appears well.
    
    Btw, something I have been noticing for a long time...
    
    Pretty much every site on the planet encrypts when a user logs in. As far as I can tell, Bubblews does not encrypt our passwords when we fire them off into the ether via login. Nary an "https" in the URL to be found...
    
    Have others noticed this?
    
    Is there any other way to tell whether Bubblews is encrypting or not? Maybe they are, and it's just not obvious? Kind of curious and would like to know.

    replyreport