Banner on webpage

davehc

Essential Member
Premium Supporter
Did anyone get this today? I'm suspicious. It doesn't come up in the normal update window.

Update.png
It is, of course, in Edge.
 
Henk's right, it's malware:

malware.jpg


I just ran Malwarebytes Pro and nada, nothing... Time to investigate!
 
I just noticed that the banner only appears when you come to this website. If I then click another link the banner disappears. Is anyone else seeing the same thing or am I going nuts?
 
Me too

I don't think it is a virus, as such, but probably spam or a Trojan. (Still troublesome)
But when I first saw it, I X'" it. It didn't come back.
 
It looks like it disappeared. Has somebody found something?

Has this webpage been infected?
 
I did send a pm to Mike about it but whether the change is down to something he's done I'm unsure?
 
Well its a Javascript widget located at the bottom of the main page.
Here's the source
HTML:
<script type="text/javascript">(function(u){var s=document.createElement('script');s.async=true;s.src=u;var b=document.getElementsByTagName('script')[0];b.parentNode.insertBefore(s,b);})('//updatemybrowser.org/umb.js');</script>

It's from Widget - Update my Browser
umb2.png
 
My conclusion is that it is probably harmless. But someone (a member) has definitely hacked into the site to plant the script.
You can have a look at the page. It is harmless to go that far, and have a read. The page also includes the script:

Update your Browser - Browser-Update.org
 
It's actually been there for a few months at least. It is harmless, it simply tells you if your browser is out of date. It does have one black list hit, but its probably a false positive
 
That's interesting? I am on this site a couple of times a day, but only saw it yesterday for the first time. I wonder why it was suddenly triggered.
I only use Edge, on forums, and the only real source for updates is through MS channels.

There are some fascinating paths on the site I linked, which all lead back to a german "Project"
 
Last edited:
It won't trigger when your browser is current, I noticed it around Chrome 48 or 49 release
 
I doubt many people could hack a website so I doubt that is the case. To the admins, sorry I was auditing the site if you get alerts on scans and such I did find the admin login and some potential users. No harm intended.
 
I doubt many people could hack a website so I doubt that is the case. To the admins, sorry I was auditing the site if you get alerts on scans and such I did find the admin login and some potential users. No harm intended.

What do you mean by "Auditing the site" and "finding the admin log
"Not too happy with that.
 
I meant site admin login page, I was just curious how hard it would be to locate. I didn't really do anything beyond that.
 
My conclusion is that it is probably harmless. But someone (a member) has definitely hacked into the site to plant the script.
Hello. I am currently in a moving process. There is no hacking going on. I added the script (two actually) to notify you when your browser is out of date. This was done quite awhile ago, to ensure compatibility for people using IE6 and IE7 as well as outdated versions of other browsers.
 
Thanks for the response, Mike. The popup did not reoccur. The exchange regarding the Admin log was a little concern, on my part, that a member was deliberately opening some of the more confidential parts of the site.
 
Back
Top