Author Topic: Apparent problem with Avsim - malicious code.  (Read 712 times)

0 Members and 1 Guest are viewing this topic.

Offline Per Ardua Ad Ars

  • Senior Captain
  • ******
  • Posts: 903
  • C208B-LET410-B1900-DH8C-PA34-PC12, B200 & DA42
Apparent problem with Avsim - malicious code.
« on: January 16, 2020, 02:09:40 PM »
Today I tried a few DLs from Avsim, and their main library page is being replaced by a bogus virus alert, as are their download pages.

Shortly after the first one popped up I also received a bogus phone call regarding internet being shut down due to router malfunction, which is obviously BS, so there's the possibility that some code on the page is able to sniff the phone numbers on any line you are using to get online. The phone call might have been a robo-dial coincidence (we're unlisted), but if so it's a pretty big coincidence.

It's repeatable for me, just trying a download does it every time unless I shut the Avsim tabs immediately after a d/l.

Since Avsim was unavailable the other day, for a spell, I'm guessing that the servers were one way or another getting some malicious code installed! Just a heads up. The pages that pop up (in any new Avsim tabs) are evident BS, although older or unsuspecting/vulnerable people might be fooled.

So, Avsim might create some fake virus alerts, just be aware. The d/ls still work, but it's a nuisance shutting down the scam pages and as I hinted earlier, they may be doing more than just trying to get you to overreact to a fake virus alert. For now, don't trust Avsim.
« Last Edit: January 16, 2020, 02:29:33 PM by Per Ardua Ad Ars »
Idealogically suspect religious arrogance exterminates life.
Terrorism is the war of the poor, and war is the terrorism of the rich. Ustinov.
The sadly-mortal George Carlin on soft language

Offline jabloomf1230

  • Turbine 1st Officer
  • ****
  • Posts: 347
Re: Apparent problem with Avsim - malicious code.
« Reply #1 on: January 16, 2020, 04:31:51 PM »
It looks like the server has been hacked.  We should report this to AVSim.

Offline Kaiii3

  • AIG Technic
  • Command Captain
  • *****
  • Posts: 5464
    • Kai's AFD Studio
Re: Apparent problem with Avsim - malicious code.
« Reply #2 on: January 16, 2020, 04:36:51 PM »
working on my end just fine ::confused::

Offline Holger

  • Turbine 2nd Officer
  • ***
  • Posts: 106
Re: Apparent problem with Avsim - malicious code.
« Reply #3 on: January 16, 2020, 04:53:50 PM »
I just tried and have no problems... ???

Offline BruceN

  • AIG Technic
  • Command Captain
  • *****
  • Posts: 2373
Re: Apparent problem with Avsim - malicious code.
« Reply #4 on: January 16, 2020, 05:07:44 PM »
Yes, no problems for me.

Is it possible with only one person reporting the problem that it's the local computer that is infected and not AVSIM?

Offline Kaiii3

  • AIG Technic
  • Command Captain
  • *****
  • Posts: 5464
    • Kai's AFD Studio
Re: Apparent problem with Avsim - malicious code.
« Reply #5 on: January 16, 2020, 05:12:58 PM »
could be some problems with the local ISP as well

Offline sharklet_a319

  • AIG Technic
  • Command Captain
  • *****
  • Posts: 8333
  • AIM Developper
    • AI Manager Download
Re: Apparent problem with Avsim - malicious code.
« Reply #6 on: January 16, 2020, 05:18:13 PM »
I had troubles yesterday, but now everything is fine again.

Offline jabloomf1230

  • Turbine 1st Officer
  • ****
  • Posts: 347
Re: Apparent problem with Avsim - malicious code.
« Reply #7 on: January 16, 2020, 06:24:34 PM »
https://www.avsim.com/forums/topic/569440-avsim-library-problems/?do=findComment&comment=4170496

Jim Young of AVSim advises not to download anything from the AVSim library until they can figure out what is wrong. This includes the AIG FM. Since it is unknown what the problem might be, it would be advisable to run a full malware scan if you downloaded any files from that site recently.

Offline jabloomf1230

  • Turbine 1st Officer
  • ****
  • Posts: 347
Re: Apparent problem with Avsim - malicious code.
« Reply #8 on: January 16, 2020, 06:30:25 PM »
The malicious site that is capturing the AVSim library URL is www.ampugi334f.com, which should be blocked by most anti-malware utilities, as long as the database is up to date.

Offline jabloomf1230

  • Turbine 1st Officer
  • ****
  • Posts: 347
Re: Apparent problem with Avsim - malicious code.
« Reply #9 on: January 16, 2020, 06:57:40 PM »
Here's an update. The library itself was not hacked, but rather one of the external servers that feeds advertising to the library. The actual malware doesn't appear to be more than just malvertising; something that will send even more annoying adds via your browser.

Offline Per Ardua Ad Ars

  • Senior Captain
  • ******
  • Posts: 903
  • C208B-LET410-B1900-DH8C-PA34-PC12, B200 & DA42
Re: Apparent problem with Avsim - malicious code.
« Reply #10 on: January 16, 2020, 09:45:29 PM »
Yes, no problems for me.

Is it possible with only one person reporting the problem that it's the local computer that is infected and not AVSIM?

System is clean at this end. My last malware detector update was yesterday, so it might have slipped through the update cycles. With Avsim being subject to some strange errors yesterday it seems reasonable to suspect a link. Normally I block ads, and whitelisted Avsim in order to earn them some revenue which, with hindsight..
« Last Edit: January 16, 2020, 09:49:13 PM by Per Ardua Ad Ars »
Idealogically suspect religious arrogance exterminates life.
Terrorism is the war of the poor, and war is the terrorism of the rich. Ustinov.
The sadly-mortal George Carlin on soft language


Offline russian

  • Command Captain
  • *******
  • Posts: 1123
Re: Apparent problem with Avsim - malicious code.
« Reply #12 on: January 17, 2020, 01:32:33 AM »
I use ADblock for Chrome, no ads are loading in my web pages.