MorkTheFiddle wrote:Foxpro 53.0 (32-bit) on 64-bit Windows 10 connects to LLORG without a problem.
On the same machine, Chrome and Opera get hijacked to
https://www.yourcareevery!!!!!!!!!!!where.com/. I put in the exclamation points in case anyone clicks accidentally on this link. It is almost certainly a bad neighborhood.
On my iPod iOs version 10.2.1, the Safari browser is also hijacked to the site just given above.
Hmm, is it possible that your DNS was still pointing at the old, hacked site from last week, or something strange like that? I swear, our DNS cache timeouts are set to only
5 minutes, and I'm still seeing cases where people are getting the old DNS data several days after the fact. (This is not new. There are a lot of ISPs with broken DNS servers.)
I looked at all the source code for the new site, and there's no obvious reference to the site you mention. We rebuilt the site from known-clean source code, and we didn't take any code from the hacked machine at all. The new machine has all OS security patches applied daily, and I can literally destroy the server, replace it with a fresh one, and have the site back up in under 5 minutes. This doesn't mean that nobody compromised the new server in the last 24 hours, but it's probably unlikely.
One other possibility is that your ISP (or somebody else in charge of your Internet connection) is
injecting advertising into the sites you browse. And some advertising networks
will serve up ads that redirect you away from the site you're browsing. This is an evil possibility, but it actually happens on occasion. The only solution for it is for us to use HTTPS and encrypt this website, which is on our TODO list.
Can anybody else confirm what MorkTheFiddle is seeing? If we can figure who's infected, it might help narrow down what's causing it.