Author Topic: Threat detected on Tmobile  (Read 2261 times)

0 Members and 1 Guest are viewing this topic.

Offline Zoro4

  • Newbie
  • *
  • Posts: 3
Threat detected on Tmobile
« on: September 20, 2014, 08:32:30 PM »
Hi,

Every time i go to certain sections on T-mobile, I get a "Threat has been detected" warning message. This has been occurring for the last few days. It seems pretty odd that this site would have suspicious activity considering it's a big phone carrier. At this point, it's quite annoying, and I'm not sure whether to simply ignore it or immediately leave the site. Thanks for the help.

This is the infection the site is said to have.
URL:   hxxp://54.186.109.173/d/rt/pixel?rtsite_id=472&rr=CACHE_BUSTER
Infection:  URL:Mal

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31341
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Threat detected on Tmobile
« Reply #1 on: September 20, 2014, 08:43:44 PM »
That IP belongs to amazonaws, and is owned by MARKMONITOR INC.
There are many (large) websites that have become victim of malicious adds.
They are already working on it.
Please report this to T-Mobile.

Offline Zoro4

  • Newbie
  • *
  • Posts: 3
Re: Threat detected on Tmobile
« Reply #2 on: September 20, 2014, 08:46:53 PM »
Okay, will do. So this is an actual threat then? not a false report/positive? Makes it hard shopping for new phone haha

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36879
Re: Threat detected on Tmobile
« Reply #3 on: September 20, 2014, 08:49:39 PM »
Quote
It seems pretty odd that this site would have suspicious activity considering it's a big phone carrier.
there are no safe sites on the net.... safe today can be hacked tomorrow


30,000 Web Sites Hacked A Day. How Do You Host Yours?

http://www.forbes.com/sites/jameslyne/2013/09/06/30000-web-sites-hacked-a-day-how-do-you-host-yours/
« Last Edit: September 20, 2014, 08:51:41 PM by Pondus »

Offline Zoro4

  • Newbie
  • *
  • Posts: 3
Re: Threat detected on Tmobile
« Reply #4 on: September 20, 2014, 08:57:41 PM »
^^
Yeah, but one would expect greater protection from these sites. Given that this has been occurring for a few days now, it's rather shocking that they have not detected it and/or have not figured out a way to fix it.

Well, I tried contacting them, but all their agents are busy.
« Last Edit: September 20, 2014, 08:59:39 PM by Zoro4 »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36879
Re: Threat detected on Tmobile
« Reply #5 on: September 20, 2014, 09:04:05 PM »
Quote
Yeah, but one would expect greater protection from these sites.
yea......   ;)    if there is a hole in the wall, rats will find it

AVAST forum offline due to attack  http://blog.avast.com/2014/05/26/avast-forum-offline-due-to-attack/


Offline cliffa.onsite

  • Newbie
  • *
  • Posts: 14
Re: Threat detected on Tmobile
« Reply #6 on: September 21, 2014, 06:50:03 PM »
To be clear, for others who find this, this is almost certainly not an issue of hacking.

When you connect to a website the website also has your browser load advertisements and scripts from other providers at the same time. Using Lightbeam for Firefox it appears T-Mobile.com's main page loads content and scripts from 22 other web servers. Almost all of them advertising and tracking services. This is about average for most major retail pages. Internet advertisers and trackers compose the majority of mal-ware distributors today as the methods use to track and advertise often violate privacy.

It is true that major sites like T-Mobile.com tend to be safer than say... a torrent site. However, beyond agreements with the advertising companies used, T-Mobile has no control over what is actually displayed as part of their website. And they can only take action after the fact if the advertising companies choose to violate those agreements. For this reason all websites should be treated as un-trustworthy even if you have never had a problem with them before.

Most likely one of these services has either begun using methods that Avast is designed to detect and stop or Avast has been updated to consider the methods used malicious.
« Last Edit: September 21, 2014, 06:52:04 PM by cliffa.onsite »