Posts: 3
Joined: Mon Feb 14, 2011 4:36 am Malware!

Post by mketsdev1 » Mon Feb 14, 2011 4:36 am

Yesterday I went in to, which I have been doing for years. I noticed a funny Java download rectangle on the screen, and then my computer started beeping as my Symantec began blocking something malicious. There were hundreds of repeat blockage messages. Then my whole desktop was taken over by a bogus "virus" scan, which froze up my whole system. I couldn't close the malware or open anything else. I shut down my system and had my son-in-law, who is an IT person, come over and it took him about 20 minutes to get rid of whatever it Weatherbug has a bug! Anybody else having this problem?

User avatar
Posts: 139
Joined: Sun Jun 20, 2010 9:46 pm

RE: Malware!

Post by Figure10 » Mon Feb 14, 2011 5:18 am

Whatever it is, URLVoid doesn't know about it.

User avatar
Posts: 10927
Joined: Mon Jan 05, 2009 4:02 am

RE: Malware!

Post by c۞g » Mon Feb 14, 2011 5:54 am has been compromised

There is an iFrame:located in the source, from a direct visit.

<iframe src="" style="visibility: hidden;" height="1" width="1">

That site when visited directly redirects to
with the full URL: hxxp://
it loads a page requiring that Java be installed - I get "missing plug-in" warning since I keep Java disabled *always*

If you use weatherbug, you have facility to contact their support.
Inform them their site has been compromised.and request they remove the hidden iFrame

Whois information for:

Registrar : CO.CC, INC.
Whois Server :
Referral URL :
Service Type : ZONE RECORD

Updated Date : 10-Feb-2011
Creation Date : 10-Feb-2011
Expiration Date : 10-Feb-2012


Evgeniy Smirnov
Moscow, Moscow
Email :
Phone : +74952583212

Updated Date : 09-Feb-2011
Creation Date : 09-Feb-2011

Thanks for the alert.

I submitted an abuse report to CO.CC to pull the domain
I suggest others do the same

Malicious content:


her's a source chart image for:

∞ Opto, ergo sum

User avatar
Posts: 691
Joined: Mon Dec 28, 2009 1:08 pm

RE: Malware!

Post by Satchman » Tue Feb 15, 2011 4:00 am

Checking the box for a recent re-scan of the website by shows that this site has been infected.

Report 2011-02-15 04:17:03 (GMT 1)
File Name weatherbug-com
File Size 49276 bytes
File Type Unknown file
MD5 Hash a310f04fb9c28f16b3b7e2eb39142eff
SHA1 Hash 40d348387481cfb4f7ffe5a89559ee7c36c6c62d
Detections: 1 / 16 (6 %)

Antivirus Updated Engine Result
a-squared 15/02/2011 -
Avast 15/02/2011 5.0 -
AVG 15/02/2011 -
Avira AntiVir 15/02/2011 -
BitDefender 15/02/2011 -
ClamAV 15/02/2011 -
Comodo 15/02/2011 4.0 -
Dr.Web 15/02/2011 5.00.0 -
F-PROT6 15/02/2011 -
Ikarus T3 15/02/2011 1001084 -
Kaspersky 15/02/2011 -
NOD32 15/02/2011 -
Panda 15/02/2011 -
TrendMicro 15/02/2011 9.120-1004 -
VBA32 15/02/2011 Malware.HTML.Iframe
VirusBuster 15/02/2011 1.5.6


Posts: 1
Joined: Tue Feb 15, 2011 2:44 pm

RE: Malware!

Post by WeatherBug1 » Tue Feb 15, 2011 2:44 pm

I represent WeatherBug. We have looked into this issue and could not find any offending code. Any issue was likely caused by an ad served through a third party ad network. We will be monitoring our ads to avoid any future occurrences.

Posts: 3
Joined: Mon Feb 14, 2011 4:36 am

RE: Malware!

Post by mketsdev1 » Sat Feb 19, 2011 3:28 pm

Thank you! I miss being able to check my local weather stations!


RE: Malware!

Post by Guest » Sat Feb 19, 2011 4:28 pm

Gave up on WeatherBug long time back.
Been dangerous for years to use.
List of reasons a mile long.

Have some fun and Google

User avatar
Posts: 443
Joined: Fri Jan 21, 2011 7:22 pm

RE: Malware!

Post by siblingshot » Sat Feb 19, 2011 4:50 pm

Interesting, DT.

I use WeatherBug and noticed - from g7w's post - that it had been compromised. In light of that, and your own pointers, it may be high time to drop a little rain on this addon. Rinse my hands. Wash it away.

The nomencluture itself is a little ironic.

User avatar
Posts: 691
Joined: Mon Dec 28, 2009 1:08 pm

RE: Malware!

Post by Satchman » Sat Feb 19, 2011 5:59 pm

I remember a history of malware from Weatherbug that goes back at least five years, maybe more. It comes and goes and the site is too much of a risk. They used to put toolbars in people's browsers that AV and scanners would diagnose as malware. There's so much better weather information and sites out there than Weatherbug. I love Yahoo Weather! Nothing to install or download and it is very detailed and accurate.



RE: Malware!

Post by Guest » Sat Feb 19, 2011 6:20 pm

I just prefer to look at metar reports, and easiest way is download this:
The other method is to step outside. ~smiles~

Post Reply

Who is online

Users browsing this forum: Google [Bot] and 2 guests