What's new
Fantasy Football - Footballguys Forums

This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Host of some MFL free addons suspected malicious site by Google (1 Viewer)

GregR_2

GregR_2

Footballguy
Heads up for people with MFL leagues who have customized them with some of the modules from habman.com, which have been suggested in threads in the Shark Pool before.

Apparently habman.com is now being listed as a suspected malicious site by Google. Though I'm able to access our site, another owner said he just gets a malicious site warning. I'm not sure if it's a difference in our browsers, or perhaps because he has a pending trade offer that I just sent him which would trigger the habman Trade popup we use... while I don't have a trade offer so it might not have triggered for me.

In any event, this is just a warning for any leagues using their content, at least until we find out if it's a false alarm or if they got hacked and it wasn't them trying to be malicious or what. I've temporarily disabled their modules in my leagues. I'm hopeful they will get it cleared up and be proven to be on the up and up, but don't want to take chances in the meantime. If I hear updates I'll post them here.

Below is the full text of the Google warning from here.

Safe Browsing

Diagnostic page for habman.com

What is the current listing status for habman.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 9 pages we tested on the site over the past 90 days, 6 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-08-30, and the last time suspicious content was found on this site was on 2010-08-30.

Malicious software is hosted on 8 domain(s), including dulcet-tube.com/, you-search.in/, bhannu.com/.

5 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including you-search.in/, bhannu.com/, dulcet-tube.com/.

This site was hosted on 1 network(s) including AS41357 (UK).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, habman.com appeared to function as an intermediary for the infection of 1 site(s) including myfantasyleague.com/.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.
Click to expand...
 
Last edited by a moderator:
any idea of what type of software they downloaded? Curious cause I previously had a nasty virus and had to buy a new laptop not too long ago. If MFL isn't following security protocols, I'd like to know about it. Amazed that this thread made it to the 2nd page so quietly unless there is no truth to it? Would think someone else in the shark pool would be able to fact check

 
Last edited by a moderator:
loose circuits said:
any idea of what type of software they downloaded? Curious cause I previously had a nasty virus and had to buy a new laptop not too long ago. If MFL isn't following security protocols, I'd like to know about it. Amazed that this thread made it to the 2nd page so quietly unless there is no truth to it? Would think someone else in the shark pool would be able to fact check
Click to expand...
I'm not a web programmer by trade, but I don't think this has anything to do with MFL's security protocols. The end user is the one who chooses to add content to their MFL league that involves the browser connecting to habman.com and running something there, which would be the point at which something might be uploaded.
 
FF King said:
I too use Google Chrome and got the same message first time tonight. You worried at all?
Click to expand...
For the time being at least I'd have your commish remove the content from your site so you can use it safely. It's also worth noting it's possible to save his apps and put them up somewhere on the web yourself and draw them from there so this isn't a problem. There's a discussion on the MFL boards here on how to do it.Some of the MFL users are reporting things are working again now, though I'm not sure if that's because the warning changed or because their commishes removed the habman content.

 
So thats why my AV is going nuts every time I go to one of my MFL sites.

SID:23447 HTTP Misleading Application Download Request Detected

Also seeing FakeAV redirect detected.

 
It's unlikely the problem is malfeasance by habman; this happens to legit sites all the time when they get hacked. [Now, habman may not be particularly vigilant about security updates, but that's another story].

 
Wanted to give an update. Habman heard about the issue and posted on the MFL boards he'd requested Google recheck his site. He wasn't able to reproduce the redirecting that Google had said they found when a file didn't exist.

I checked Google today and it isn't giving warnings about his site anymore.

 
You must log in or register to reply here.

Similar threads

R
Malicious Software Warning MFL
Replies
3
Views
576
mr roboto
mr roboto
JohnnyU
Dynasty 12 Team PPR: Fantasy Legends I needs 1 owner (has 1.01 pick), offering FREE year 1 with payment of year 2
Replies
0
Views
510
JohnnyU
JohnnyU
Bob Magaw
The Late Joel Buchsbaum
Replies
11
Views
2K
L-pipe
L-pipe

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top