noscript update splash page serves malware?

r8limiter · Post by **r8limiter** » Wed Oct 30, 2013 8:48 pm

Hi - after updating noscript and restarting my browser today I was presented with the release notes page as usual (http://noscript.net/?ver=2.6.8.4&prev=2.6.7.1).

What was unusual was that the page contained an iframe whos source was blocked by my company's web security appliance due to it being used to serve malware.

After refreshing the page, the iframe disappeared. I'm wondering if anyone else is seeing this?

Thanks

r8limiter · Post by **r8limiter** » Wed Oct 30, 2013 9:07 pm

I have the malware url and diffs of the html served for the clean page and the malware page if that's helpful.

It seems this may just be a fundamental issue with http though - perhaps I was MITM'd. Time to make noscript.net https?

Thanks

Post by **Thrawn** » Thu Oct 31, 2013 3:35 am

I haven't seen this occur, no.

Giorgio does serve the actual addons over https (on secure.informaction.com), but not the NoScript or Flashgot websites.

Post by **Giorgio Maone** » Thu Oct 31, 2013 9:00 am

I heard about ESET false positives about AfterDownload ad units (which are loaded in iframes), recently. Nothing to be worried about.

InformAction Forums

noscript update splash page serves malware?

noscript update splash page serves malware?

Re: noscript update splash page serves malware?

Re: noscript update splash page serves malware?

Re: noscript update splash page serves malware?