Hi there,
I am trying to download the latest IDE but everytime I get a warning from the anti-virus indicating the website is infected by HTML:HideSeoSpam-A[Trj] ....
And the connection gets terminated...
Could somebody have a look ?
Thank you!
RNR
Are you downloading the Arduino IDE from this page?:
Yes...
I am getting the same results with many (but not all arduino.cc pages). AFAIK it just started a day or so ago. AVG detects is as "HideSEOSpam-A virus. See screenshot below...
Yes, this is what I get but with Avast...
Today I did manage to access the "Contact Us" page and sent them an email pointing to this thread. Other pages are still giving me a problem...
I can confirm this.
Line 128 of that page contains 9 or 10 (i'm not sure about the last one) malicious links.
This is a serious threat, needing immediate action from the website administrators.
Removing this line from this page will not suffice, and the entire site needs checking.
The mistake keeps happening. Avast always detects when I try to download the IDE
rnr107:
Yes, this is what I get but with Avast...
What do you mean by "but"? AVG is a subsidiary of Avast. Do you "also"?
MAS3:
I can confirm this.
Avast? AVG?
I'm using AVAST.
But i temporarily disabled AVAST and opened the page (from pert's link) and took a look at it myself.
That's when i saw this line 128.
If need be i can send the contents of the page somewhere.
NEW FROM TODAY MARCH 24, 2019
I am wondering why this message appears each time I go to Arduino.cc.
Sometimes i have Arduino.ee. Arduino.cc has change to Arduino.ee
I am scanning My PC with malwarebyte and AVG
Threat secured by AVG
We've safely aborted connection on www.arduino.ee because it was infected with HTML:HideSeoSpam-A [Trj]
More threats may be lurking!
Thank you
Is anyone else see the "Arduino.ee" sites ?
Despite multiple cache clears and logging in I cannot see that domain.
Just wonder if those seeing a different domain are in another specific part of the world or maybe have browser hijacks ?
I haven't seen any .ee sites reported while looking for this problem.
So i visited Arduino.ee
It seems to be a parked Estonian domain.
And no complaints by AVAST about that one.
From what I can tell, someone hacked into arduino.cc and added hidden links to some websites that seem to be focused on selling fake prescription pills. The reason for adding these links is for SEO (search engine optimization). Search engines base page rank on how many links there are to a page, and the page rank of the sites on which those links occur.
Since someone was able to do that, it's possible other malicious things were done, which could explain the arduino.ee thing, but I don't have any evidence for anything other than the SEO links MAS3 found, which anyone can check by doing a "View Page Source" on the downloads page, or many other pages on this website (though not the forum pages).
Confirming for you Per...Download page is hacked from the North American side too.
Avast just goes off and stops any further progress.
Please dont report any more to Moderators..
Messages passed back where possible to those that can deal with it...
Thanks MAS3 and others.
Staff also redirected to this post so if we can keep everything in here that would be appreciated.
UPDATE...
Staff are now looking at this issue.
We've safely aborted connection on www.arduino.cc because it was infected with HTML:HideSeoSpam-A [Trj].
I am unable to download the IDE for windows.
ballscrewbob:
UPDATE...
Staff are now looking at this issue.
That's good to know. But why can't the staff come on here and talk directly to us?
The Moderators are nor responsible for this sort of issue and should not have to take on the PR role - they have enough to do already.
And WHY wasn't a member of staff responding to the first Post about this problem a day and half ago?
...R
@R2
Just my 2 pence worth but going to say they were probably finished for the week before this hit the fan.
I could possibly have responded a little quicker too but first time round I thought maybe the OP had tried to download from somewhere other than here.
Not taking on a PR role just doing what I do because its the right thing to do regardless.
I do agree that maybe somebody should monitor the forums a little closer including weekends but compared to the last hack, this I think HAS been a quicker response.
