Sign in to follow this  
Followers 0
JSngry

Hacked/Redirected/WTF?????

53 posts in this topic

I got this message yesterday, and ran home screaming like a little baby. I had just went through something like this with my Roku box.

I was having trouble getting Roku, so I went to the Roku booklet, and did a search it recommended. I wound up on a Roku site with a beautiful looking operator who asked me if I wanted to chat about it. I explained my problem, and she asked me for my phone number associated with my Roku account. She said a Roku tech would call me back and walk me through the fix to my problem.

A second later, the phone rang. It was the promised Roku tech! He led me through the process, and my Roku was magically fixed. He then told me it only cost me $499!!!!!!!

He told me if I didn't pay, he'd undo the magic fix, so I paid. Then I looked up the company I paid, and it was some scammers located in New Dehli.

I contacted my credit card company, and they told me to uninstall the files they loaded on my hard drive, and they'd take care of the charges.

That's why I'm reluctant to do anything that asks me if I want to make changes to my computer, like Lipi suggested.

You can't trust anyone...:alien:

Share this post


Link to post
Share on other sites
54 minutes ago, mjzee said:

Weird.  I wonder why I never experienced this redirect.  My bookmark is set to the unread content page; maybe that’s why.

I'm having issues on mobile (iPhone 5) again today too, and my bookmark goes to the unread content page too.

I'm posting this through my laptop at work (work's network), with not issues. And I just rebooted my phone, and the O forum just came up totally fine -- after having the malicious(?) redirects moments before (before I rebooted).

No issues on mobile this morning though, all the way through 10am EST (not sure I was ever on after that, until just now).

Edited by Rooster_Ties

Share this post


Link to post
Share on other sites
1 hour ago, Jim Alfredson said:

They just changed the name of the server. It might take a while to propagate through the system, but it should fix the problem.

From LiquidWeb:

At this time it looks like you do not have ownership of the domain: organissimo2.com

This has allowed a 3rd party to register the domain and setup a malicious nameserver allowing the redirects to take place.

In a situation of changing servers we would normally recommend domain names like the following:

host.organissimo.org

to new server:

host2.organissimo.org

This would allow for the new server creation with domain names under your ownership.

I would recommend that we update the server hostname to host2.organissimo.org as well as set the nameserver GLU records to the following after we change the server hostname:

ns1.organissimo.org  67.225.241.38
ns2.organissimo.org  67.225.241.38

Please confirm and I will proceed.

Cool. It's been hit or miss this afternoon, hopefully the downstream populates on the promptly and our long national nightmare will soon be over.

Share this post


Link to post
Share on other sites

I'm back since half an hour. I was asked to update programs and most recently I was a winner at the Telecom ... Then a note was briefly displayed on the screen that a threat was deleted.

Edited by optatio

Share this post


Link to post
Share on other sites

Had no problems at all. 

Share this post


Link to post
Share on other sites

I was re-directed to various ad sites connected with goodmayor Tuesday evening and Wednesday, using bookmarks or typing the adress didn't matter. Right now I used my old bookmark and everything was fine. I was afraid I had clicked something I shouldn't have as I kept getting a bunch of weird spam mails at the same time, but everything seems to be okay. What Jim posted about the servers makes perfect sense.

But I wonder if someone registered that organissimo2 adress in knowledge of the server change to take advantage of the situation ...

Edited by mikeweil

Share this post


Link to post
Share on other sites
18 hours ago, Kevin Bresnahan said:

I was telling Jim on Facebook that I had to laugh at one of the redirect websites I got today. It was an official-looking "Microsoft Support" website with a serious voiceover telling me that my Windows computer has been compromised and I must immediately call their tech support number shown on the screen or I would be disconnected from the network.

I was seeing this while using my Linux/Ubuntu laptop. :)

I got this yesterday too.

This is the first time I could get in since maybe Sunday.

Share this post


Link to post
Share on other sites

Received it also - probably Monday night which meant I could not log in for a couple of days. It wanted me to download an old version of Java, which I didn't do.

I finally got rid of it by logging in through a thread in Google and changing the bookmark.   Q

Share this post


Link to post
Share on other sites

Getting in for the first time now since yesterday afternoon, at work and at home.

Share this post


Link to post
Share on other sites

I thought it was over last night, but at work today, still getting the goodmayor redirect until now.

Just how tangled is this web?

Share this post


Link to post
Share on other sites

I did, in all three browsers I use. Maybe this did the trick along with the server adjustments.

Share this post


Link to post
Share on other sites

Had my first encounter with the goodmayor redirect last night via my phone and couldn’t get to the Org site at all, either through bookmark or bringing it up through Google. Apparently the goodmayor was removed from office overnight.

Share this post


Link to post
Share on other sites

I too had the same issue last night on my iPhone. Today it seems to be fine.

Share this post


Link to post
Share on other sites

maxresdefault.jpg

Share this post


Link to post
Share on other sites

Problem persists at my place despite clearing the cache. I have to switch to another network to avoid the redirection.

Share this post


Link to post
Share on other sites

This goodmayor thing...worked fine all weekend at home, back at work today, woops, there's that goodmayor motherfucker again, cleared everything, there he was again. Then gone. Then back agoin. Back and forth, no constant that I can flag. Maybe  somewhere along the way packets are getting thron to some lserver that ain't got the news yet. I don't know, I'm not that smart.

Tell you what though, the bowels of the internet could probably use a good cyberenema.

Share this post


Link to post
Share on other sites

I've been unable to connect for over a week, being constantly rerouted to Abobe update.

Quite honestly I'd given up the ghost.  Relieved at least that it wasn't a problem at my end.

Haven't checked my tablets yet.

Share this post


Link to post
Share on other sites

Haven't had any problems in close to a week, not on mobile (both over air, and through wifi at home), nor at work on my work-PC.

But last week was hit-n-miss for a number of days there.  FWIW.

Share this post


Link to post
Share on other sites
4 hours ago, Rooster_Ties said:

Haven't had any problems in close to a week, not on mobile (both over air, and through wifi at home), nor at work on my work-PC.

But last week was hit-n-miss for a number of days there.  FWIW.

Same here.

Share this post


Link to post
Share on other sites

Today's the first day I didn't have a goodmayor issue from work. Hopefully the downstream has been cleansed and flushed.

Share this post


Link to post
Share on other sites

OK, for the future folks: clearing your browser cache doesn't do anything relevant in a case like this. If you still have a device that redirects, you need to clear its DNS cache (just a list of hostnames and associated IP addresses), like I mentioned before:

https://documentation.cpanel.net/display/CKB/How+To+Clear+Your+DNS+Cache

On iOS you can turn on airplane mode for a few seconds--that will flush the DNS cache.

On Android you need to do a hard reboot, I believe. (Turn off phone, remove battery, wait a minute, reinsert, boot.)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.