I decided to give Bubblews a break and not post their name in the title. Besides, I'm sure the critter shows up elsewhere as well.
I was just visiting Bubblews and tried to visit a profile (a well-known Hubber as a matter of fact).
A big, fat, red, pop-up warning sign came up, saying that page was infected by malware.
Now here's the thing... That sign did not come from my computer. That sign did not come from my browser.
Therefore, the sign, itself, was the malware.
Therefore, I DID NOT CLICK ANY OF THE BUTTONS ON THAT SIGN. In fact, I DID NOT CLICK ANY BUTTON OR ICON ON THE ENTIRE SCREEN AT ALL. In fact, I DID NOT TOUCH THE KEYBOARD OR MOUSE AT ALL.
What did I do instead? I FLIPPED OFF THE SWITCH ON THE POWER STRIP. Not using a power strip? Then PHYSICALLY UNPLUG THE COMPUTER.
Yep. That's what I did. What you do is up to you.
The problem was one rogue advert got through the normal screening. It has been removed and the site is now safe!
. But, anyone who visitors should run a virus and malware scan to be safe.
I recommend using Ad Block Plus plugin when writing online, as you don't want to click your own ads anyway and it protects you from this kinda stuff.
I just noticed the red skull next to one of my Hubs which contained a Bubblews link.
Too late for me, I already clicked on the "get me out of here" button. Hope they get these weird things worked out over there eventually.
Yep, I dared to go back there to my own profile this time. I was going to post this forum post there, instead of here. The thing immediately popped up again. Needless to say, think I'll stay away from there for a couple days.
Thanks for the warning, I will give it a pass for awhile.
They've got a dodgy advert on the page is the most probable explanation. Hopefully they will fix it soon. Not good though.
Never saw an advert that blacked out the entire tab before with just the advert in the middle... And apparently showing up when you arrive at any and all pages of the website.
@anyone Is that still going on btw? I don't want to have to turn my machine off and on again.
My warning came from my Chrome browser and had nothing that could be clicked on. I'm betting the site was hacked!
Interesting! I haven't been on Bubblews since yesterday but was just thinking about signing on. I think I'll wait another day then. Thanks for the heads up!
Sigh....
I simply switched over to IE for that site. Have been going in and out over the evening with no problems whatsoever.
It amazes me how quickly mass hysteria can spread.
I just thought to do a search for Bubblews malware. Looks like something has hit the fan alright...
Don't click any of the links. They all lead to Bubblews...
No, the problem is an ad server. If you don't click the ads, you are fine. As I said, I've been there all evening and my computer is clean as a whistle.
Have you seen the purdy, red sign while using IE? Just curious.
No, nothing showing on IE at all.
A couple of people have reported getting very low-level, low-risk tracker software downloaded. They did not mention whether they clicked on an ad.
I have scanned my computer and nothing whatsoever has been found.
I'm making the most of the fact that the absence of some of the community is making my posts more noticeable. Getting good earnings tonight on the back of the popular hysteria
Good to know. I was getting worried I messed up by going back on there afterward.
Hey, guys.
What browser were you using? What happened when you clicked the get-me-out-of-here button?
For that matter, this question is open to anyone who clicked it.
Firefox and I can't remember what happened. I think it just took me back to Google.
I was on Chrome and, really, nothing happened. I ran a quick scan as mistyhorizon had suggested earlier (just to be safe) and, presto...nothing. I don't plan on pushing my luck either...
This has resulted in HP issuing red skull violation signs in my stats for all hubs containing links to my Bubblews a/c which I now have removed to clear the violations. Good thing I didn't actually click on the links. Should we stay clear of Bubblews for now? Has the bubble finally burst? This thread may be related.
http://hubpages.com/forum/topic/120086#post2542048
There was a message tonight from the Bubbews Support team. yes, there is Malware on the site, but the are working to clear it up. I'm not going there until it is cleared up. I don't want a virus on my computer!
I hope I didn't end up with a virus. I went back on there (don't know why) and then my computer started slowing down.
Thanks! That clears that up.
I hope to heck they'll announce what got installed on people's computers who clicked any of the buttons. I'm guessing a keylogger at minimum.
I went there, I think, about an hour or so ago (maybe a little more). At first I saw no problem until I clicked on a notification where someone was complaining about getting the red window with Firefox. I commented that I've never had that with Firefox, and it was right after that that I then got the red window. I did click "get me out of here", and nothing happened. Neither did anything happen when I hit the back arrow. THEN, though, when I went to my own "bank" I got the window. I ran a scan, and one "PUP" thing showed up. I got rid of it.
Before leaving the site I did try to get in from the "main site" entrance, rather than the bookmarked route to my own page. That was fine as far as I could see. I don't know much (anything, for the most part) about this stuff, but I was under the impression it was as if my account there had been infected, and (again, don't know much about this stuff), it seemed to me I got it after either clicking on or commenting on the person's who had already been infected.
Either way, once the red window would show up the only getting out of it was to "start clean" with a new URL (even if it was a B's URL).
Think I'll find another way to kill time on this Saturday night
What with Mary's post that Bubblews has confirmed the malware infestation, not a bad idea.
Yesterday, Pinterest picks on us.
Today, Bubblews (through no fault of their own) picks on us.
I wonder who is going to torture us tomorrow?
I tell ya, folks... Tough town, the writer's life... Basket weaving is looking better and better...
Starting clean with a new URL does not seem to be the answer because tons of people would lose tons of income. A better way is to use a Malware Bytes program to cleanse your computer.
Not worried in the least. As WriteAngled said, just don't click on any ads on there for now. If you are really worried just run a Malware Bytes scan (free download) as that gets rid of any Malware that gets on to your PC and won't cost you a bean.
Those aren't rogue ads. As Bubblews has stated, it's flat out malware. If you'd seen it, you'd know. And come to think of it, when it comes to malware, one doesn't always have to click to get infected.
And while I'm at it... The malware writers are always ahead of the security software writers. I can tell you from personal experience that security software catches maybe only half the malware floating around. In other words, all security software is pretty much crap.
Malware Bytes has got rid of Malware on my PC before, that no other software even spotted. It is free, and you can update it every time you use it. Truly I am not remotely worried about this warning (and apparently nor is IE). As WriteAngled said "A couple of people have reported getting very low-level, low-risk tracker software downloaded." but this appears to be the extent of it.
Interestingly, I had just done a complete virus scan and malware scan right before this happened. I apparently was on the site right before the block showed up on Chrome, so today am running both scans again. I agree, Malware Bytes is a great program that really cleanses the computer of problems like this.
Definitely won't be going back any time soon, thanks for the heads up!
Google Chrome has identified two domains that are functioning as intermediaries for distributing the malware to visitors of the site: madadsmedia and adnxs (dotcom).
I think it is advisable to stay clear of the site until the thing clears.
Thanks for this info! Because of your post, I was able to find this lovely little tidbit...
... madadsmedia.com, adnxs.com ... infected 2227 domains so far...
My guess is that HP slammed the door shut on these 2 bozos in time; seven years experience does indeed pay off from time to time. Hopefully, bubblews will get itself straightened out in due course.
What a town... I think I mentioned something about basket weaving awhile back... Does anyone know where I can find a class on that?
The adnxs cookie is installed by Bubblews by the way. I remember it from when I checked all the cookies being installed on my computer after one visit to the Bubblews home page. So it's not a "hack", it's exactly what I said it is in my post below. I'm not sure about madadsmedia, but I would guess it's also part of the Bubblews information-mining package.
Sigh....
Have had an IE tab open to the site (although not active there all the time by any means) for the last 12 hours. No problems whatsoever.
Why do people always get caught up by mass hysteria?
If all malware and viruses alerted you to their presents they wouldn't be doing their job properly.
Frankly, I'm not at all surprised.
1. The site uses tribal fusion cookies to extract personal information about its writers. This latest "malware" is in all likelihood a result of Bubblews pushing their data gathering too far and getting punished for it.
2. It's a shady operation for which hundreds of rule-abiding writers haven't been paid. I know because I was one of them. After months of campaigning, I got my money back, but that only proves I didn't break any rules in the first place. How many others didn't waste their time after not getting paid?
3. Notice how there's no confirmation when you click the redeem button? No balance history either. When you click that button you are completely at their mercy until the echeque arrives (or not).
4. The site claims ownership over everything you write, and can use it freely after you're gone.
5. The site answers only a fraction of the emails they receive, and they tend to especially ignore redemption queries.
6. The site shows up as a scam on scamadvisor.
The list goes on... so no, I'm not surprised by this at all. It's just another attempt by Bubblews to mine personal information. This time it was a little too invasive.
The only thing that surprises me is how people are still here defending the site. They're the same ones that hunt down any anti-Bubblews hub on hubpages to post their oft-sycophantic comments about how wonderful Bubblews is. I'll leave people to their own conclusions about them, but to jeopardize people's computer security by calling this "hysteria" is almost beyond belief to me.
I think I had it this time. My laptop shows warning sign “low disc space, repair windows errors” I click on it and the box asked me to download in 3 steps. I clicked “download” but nothing happened, so I clicked “save” and then “run”. Then the RegClean Pro appeared and started scanning and ended with 513 errors. Then I need to click “purchase” to continue. That was the time I stopped clicking.
Can some IT gurus help me? Is this RegClean Pro genuine, and should I purchase to fix the errors?
HELP!!
I bought RegClean and it does not appear to be adding any value. Don't know what think about it--maybe the gurus can shed some light.
Reg Clean is sold by a Canadian company and is a very malicious program. Contact them and demand your money back threatening to contact your State's Attorney General if they do not. I fell into their trap several years ago and had to pay someone to fix my computer. BIG ripoff.
I always use Malwarebytes, it is free and will get rid of most of the malware on your computer.
+1 Always works for me. I love that program (saved one computer that was refusing to anything other than fill my screen with popups demanding I buy a certain software because my computer was infected). Within seconds of firing up the PC I had to quickly click on the Malware Bytes icon before the pop ups began or else I couldn't click on anything. As soon as I ran the scan (even without updating the program) Malware Bytes cured it.
So is it OK to go back on? I haven't been on at all today.
Thomas Swan, are you waiting a few seconds after you push the redeem button? It takes about 10-15 seconds to get a confirmation that Bubblews has received the info that you pushed the payout button and are ready to cash out. Once it comes up, you have to enter the amount you made up to then, and tell them how you want to redeem you money. I've been paid around 6 or so times without any problems.
Yes it's fine Jean. Apparently loads of sites were affected by the same problem not just Bubblews. The rogue ad has been removed and all is back to normal.
BTW, I think what Thomas means is that you don't get an actual email confirmation, so if you click away from the page (without getting a screenshot first) you have no evidence of having redeemed or for the amount of money you were redeeming for.
I've already made a new post and earned a hot 50 cents.
No no no, you should not have downloaded that. That software is very likely what is causing your problem. My advice is to try to uninstall it.
Agreed with Sherry. Those reg cleaners can actually mess up your computer if they delete the wrong files. Most or all of the files they "detect" are perfectly innocuous as well. They detect so many problems because they want you to buy the software. A bit of a scam really.
Good Guy, I'd add that besides uninstalling it "the usual way" you may have to go into your System files and find any file that gets left behind after you've thought you've uninstalled it. There can be a left-over file or two sometimes that just-uninstalling may not get.
Thank you all you IT gurus. In fact I didn't know how to "uninstall" but luckily my son helped out. So far this laptop has not hung. Hope it is back to normal.
I didn't go to Bubblews the whole day. Anyone can give the green light?
I was just on the site and all warnings have disappeared and things seem to be back to normal. I did a malware scan this morning and everything was clear.
Thanks for the info, Brett. Just read on another thread that Wikinut was hit by a rogue ad too.
I got an email from Wikinut saying they had this same problem and that it was a rogue ad and that they deleted all the ads from that same ad distributor. They claim the site is now safe again. So it wasn't just the Bubble mishandling things or trying to catch us out, or whatever. My computer shows up as clean (I hope!) even after entering the Bubble.
True, apparently over 2000 other sites were also affected by this adventure.
Good morning, sports fans. Well, I did a Google search and didn't discover any new howls of anguish for the last several hours.
So, I also peeked in and all appears well.
Btw, something I have been noticing for a long time...
Pretty much every site on the planet encrypts when a user logs in. As far as I can tell, Bubblews does not encrypt our passwords when we fire them off into the ether via login. Nary an "https" in the URL to be found...
Have others noticed this?
Is there any other way to tell whether Bubblews is encrypting or not? Maybe they are, and it's just not obvious? Kind of curious and would like to know.
by Laura Brown 12 years ago
I don't have a link to anything malware that I know about. We can't even put HTML in our profiles any more. Where is this coming from? It's come up three times tonight when I clicked on older posts I have written here. I checked the links in my posts and found nothing from the malware domain. Is it...
by Valerie 11 years ago
What would your WARNING sign say to the world?If you could carry a warning sign (about yourself) for the world to see, what would it say?
by Martin Heeremans 11 years ago
Now I am wondering if anyone else has encountered this.I operate from my office where I employ fully trained I.T staff to handle my network, servers and firewall so I can concentrate on more important tasks. I do website work in the office so everything is secure.At home I use my p.c and laptop to...
by Audrey Selig 10 years ago
If you clicked on a fake browser that brought in the viruses , how hard was recovery?Two people in my family encountered this rampant virus or malware.
by Jennifer 12 years ago
I felt like I needed to get this out there. I was just looking at one of my hubs over twenty minutes ago when Norton Virus blocked an Exploit kit virus. Apparently, someone from Russia (I did a reverse IP check) tried to hack my computer. I figured I would warn you guys, even though I might have...
by SPomposello 13 years ago
I was reading that Google will know if you clicked one of your ads from a different computer with a different IP address. For example, you go to work and go to one of your articles on your work computer and click an ad. It's the same as going to an internet cafe and doing it there, basically. I...
Copyright © 2025 The Arena Media Brands, LLC and respective content providers on this website. HubPages® is a registered trademark of The Arena Platform, Inc. Other product and company names shown may be trademarks of their respective owners. The Arena Media Brands, LLC and respective content providers to this website may receive compensation for some links to products and services on this website.
Copyright © 2025 Maven Media Brands, LLC and respective owners.
As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.
For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://corp.maven.io/privacy-policy
Show DetailsNecessary | |
---|---|
HubPages Device ID | This is used to identify particular browsers or devices when the access the service, and is used for security reasons. |
Login | This is necessary to sign in to the HubPages Service. |
Google Recaptcha | This is used to prevent bots and spam. (Privacy Policy) |
Akismet | This is used to detect comment spam. (Privacy Policy) |
HubPages Google Analytics | This is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy) |
HubPages Traffic Pixel | This is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized. |
Amazon Web Services | This is a cloud services platform that we used to host our service. (Privacy Policy) |
Cloudflare | This is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy) |
Google Hosted Libraries | Javascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy) |
Features | |
---|---|
Google Custom Search | This is feature allows you to search the site. (Privacy Policy) |
Google Maps | Some articles have Google Maps embedded in them. (Privacy Policy) |
Google Charts | This is used to display charts and graphs on articles and the author center. (Privacy Policy) |
Google AdSense Host API | This service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy) |
Google YouTube | Some articles have YouTube videos embedded in them. (Privacy Policy) |
Vimeo | Some articles have Vimeo videos embedded in them. (Privacy Policy) |
Paypal | This is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy) |
Facebook Login | You can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy) |
Maven | This supports the Maven widget and search functionality. (Privacy Policy) |
Marketing | |
---|---|
Google AdSense | This is an ad network. (Privacy Policy) |
Google DoubleClick | Google provides ad serving technology and runs an ad network. (Privacy Policy) |
Index Exchange | This is an ad network. (Privacy Policy) |
Sovrn | This is an ad network. (Privacy Policy) |
Facebook Ads | This is an ad network. (Privacy Policy) |
Amazon Unified Ad Marketplace | This is an ad network. (Privacy Policy) |
AppNexus | This is an ad network. (Privacy Policy) |
Openx | This is an ad network. (Privacy Policy) |
Rubicon Project | This is an ad network. (Privacy Policy) |
TripleLift | This is an ad network. (Privacy Policy) |
Say Media | We partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy) |
Remarketing Pixels | We may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites. |
Conversion Tracking Pixels | We may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service. |
Statistics | |
---|---|
Author Google Analytics | This is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy) |
Comscore | ComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy) |
Amazon Tracking Pixel | Some articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy) |
Clicksco | This is a data management platform studying reader behavior (Privacy Policy) |