Threat detected on Tmobile

[REDACTED]

Hi,

Every time i go to certain sections on T-mobile, I get a "Threat has been detected" warning message. This has been occurring for the last few days. It seems pretty odd that this site would have suspicious activity considering it's a big phone carrier. At this point, it's quite annoying, and I'm not sure whether to simply ignore it or immediately leave the site. Thanks for the help.

This is the infection the site is said to have.
URL:   hxxp://54.186.109.173/d/rt/pixel?rtsite_id=472&rr=CACHE_BUSTER
Infection:  URL:Mal

[Eddy]

That IP belongs to amazonaws, and is owned by MARKMONITOR INC.
There are many (large) websites that have become victim of malicious adds.
They are already working on it.
Please report this to T-Mobile.

[REDACTED]

Okay, will do. So this is an actual threat then? not a false report/positive? Makes it hard shopping for new phone haha

[Pondus]

It seems pretty odd that this site would have suspicious activity considering it's a big phone carrier.

there are no safe sites on the net.... safe today can be hacked tomorrow


30,000 Web Sites Hacked A Day. How Do You Host Yours?
http://www.forbes.com/sites/jameslyne/2013/09/06/30000-web-sites-hacked-a-day-how-do-you-host-yours/

[REDACTED]

^^
Yeah, but one would expect greater protection from these sites. Given that this has been occurring for a few days now, it's rather shocking that they have not detected it and/or have not figured out a way to fix it.

Well, I tried contacting them, but all their agents are busy.

[Pondus]

Yeah, but one would expect greater protection from these sites.

yea......       if there is a hole in the wall, rats will find it

AVAST forum offline due to attack  http://blog.avast.com/2014/05/26/avast-forum-offline-due-to-attack/

[cliffa.onsite]

To be clear, for others who find this, this is almost certainly not an issue of hacking.

When you connect to a website the website also has your browser load advertisements and scripts from other providers at the same time. Using Lightbeam for Firefox it appears T-Mobile.com's main page loads content and scripts from 22 other web servers. Almost all of them advertising and tracking services. This is about average for most major retail pages. Internet advertisers and trackers compose the majority of mal-ware distributors today as the methods use to track and advertise often violate privacy.

It is true that major sites like T-Mobile.com tend to be safer than say... a torrent site. However, beyond agreements with the advertising companies used, T-Mobile has no control over what is actually displayed as part of their website. And they can only take action after the fact if the advertising companies choose to violate those agreements. For this reason all websites should be treated as un-trustworthy even if you have never had a problem with them before.

Most likely one of these services has either begun using methods that Avast is designed to detect and stop or Avast has been updated to consider the methods used malicious.