Malware on Boing boing main site?

This morning, I went to the Boing Boing main site on my smartphone, using Firefox. I noticed that the articles were the same ones from over 24 hours ago; this often happens, so I refreshed the page as I usually do and new articles showed up.

I started scrolling, and all of a sudden a big window popped up covering the page. It was white, and had the “Google play protect” logo (a green shield). It said something like “your device is unsafe, update Google play protect” and had a button to click. I clicked on it (I know…), and another pop-up appeared that said, with a lot of misspelling and punctuation errors, to go to my settings and enable “install apps from unknown sources.”

Of course I freaked out, shut down the browser, and went to Google Play to check if there were any updates I needed to install, but there were none. Google Play Protect (the real one) said that everything was fine as well. I tried opening Boing Boing in the Chrome app, and saw the same pop-up.

Anyone else seen this?

15 Likes

I get the same thing when opening articles.

7 Likes

Yep. Huge, non-dismissible (at least on my tablet) ad that I have trouble believing wouldn’t have attempted to deploy malware if I’d clicked accidentally.

7 Likes

I get a page telling me I need to update Adobe Flash. Tried it on Firefox and Chrome on a couple different machines.

On another note related to the main page, I’ve noticed that when I browse the site without any ad blocking I get one of those popups/floating screen elements/whatever you call them that basically tells me the top five stories on the site blah blah blah.

I’m just going to say that in addition to being distracting and poor web design, I’m already on the site! If you want to show the top posts, put them in the regular page somewhere.

It’s not as bad as autoplay video, but in general when I run into stuff like this I’m much less willing to whitelist a web site.

10 Likes

I saw it on one post so far (the Rickrolled post, which gave me pause). I tried another couple of post links from the bbs and I didn’t see it again.

ETA: I just checked the Rickrolling link and it’s been fixed.

5 Likes

I just got the Adobe Flash Player installer when I visited the main page. I noped right out, but I just tried it again and got the site, sans popup.

7 Likes

Seeing both the Adobe PC one and the Android Google security one.

4 Likes

Yep, that’s exactly what I saw.

1 Like

There’s a main site?

13 Likes

Should be fixed now according to @orenwolf.
At least I am not seeing the Flash install page anymore.
The place to report it is here https://freestar.com/bad-ads/ and at least in my experience they have been pretty on the ball at killing the bad actors.

Also the meta category is the best place to post here about that kind of thing. The staff watch that one.

6 Likes

Not fixed, but we are tracking it down actively. Thanks to everyone reporting it to our ad partner!

10 Likes

Holy shit guys different scary malvertising

Eta, was at:

I reported on the bad ad link.

7 Likes

Wow, this is shitty. And no way to dismiss the crap other than to download the malware.

At what point does BB rethink its advertising partnerships? Other sites don’t seem to have this problem.

10 Likes

@orenwolf, @jlw:

This just popped up, fullscreen. On one of Jason’s pieces. I won’t click, that’s clearly bullshit.

Ain’t got time for the abuse@bb mail, am on mobile something something.

Holy cow.

ETA: thanks, Ken, for moving/merging. I was late to the party, it seems.

3 Likes

Yep, I’m getting that too, on the fuckin homepage. No way to make it go away either. Running Android with Brave browser. I expect BB to explain how this happened…

2 Likes

Update Adobe Flash. No way to bypass. I may return after this is fixed; in the meantime KTHXBYE.

4 Likes

Funny, I was just freaking out a little over the Android 11 update, coming out so soon after 10, like, 3 weeks ago now?

The way updates are done really leaves a gaping social engineering hole.

I was convinced this was legit, until the .apk file shows up, at which point there’s no way I’m touching that thing.

2 Likes

What sort of security advice begins with “enable unknown sources?” :laughing:

10 Likes