New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
LET asking for username and password (when I'm already logged in)
I just came onto LowEndTalk and I was greeted by a popup asking for a username and password. I'm assuming this is related to getflywheel.com but I just thought I'd make sure that it's not malware of some sort.
Here's a screenshot of the popup:
Comments
I think you got an malware.
That is being requested by blacksheep.flywheelsites.com. Perhaps a bit more going on than meets the eye. Any plugins querying your flywheel site, or minimized browsers?
I get it too from the front page, I think it has something to do with this post..
http://lowendtalk.com/discussion/comment/1023453/#Comment_1023453
http://theblacksheepagency.com/blog/images/uploads/ScaryGif.gif
seems @riz tried to link to a password protected pic..
I get the same thing when I am not logged in, and I am viewing this on an iPad through Safari, so it has to be something wrong with LET. I logged in to post this as I don't want on of my most favorite destinations to be contaminated with malware or crap.
They better get a malware scanner on it ASAP. I'd be shocked if it isn't malware... it looks to fake
Consistently not receiving that, for what it's worth. No extra browser plugins (just 1Password).
Im not getting it either, but 2 or 3 people reported they have it. Its just weird
I'm not having a problem with Chrome is this limited to Firefox?
Maybe something to do with the lastpass plugin in firefox? In chrome it just shows a broken link to the image.. no login popup..
It's definetly connected to the image link that @riz posted.. maybe a mod can remove the link from @riz post?
Sounds legit. Im on chrome and Im not getting it, Ill move to firefox and let you guys know what happens
Confirmed, it did it on my firefox but not chrome.
The broken image links to site below.. kinda makes sense since the login is taking you to blacksheep.flywheelsites.com
http://theblacksheepagency.com/blog/images/uploads/ScaryGif.gif
would that considered malicious?
I don't think so, probably blacksheep disabled hotlinking to the image.. so you need to login or view it directly from the site.. either way the image is not downloaded to your computer so I don't see where the harm can come from.
I could be wrong thought.. maybe run a malware scan.
Your reasoning is spot on. It makes sense.
Sometimes I receive notification email from LET about someone mentioned me, I click on link in email and it ask for log in. While I'm logged in already.
I'm using Google Chrome 41.
Probably has something to do with an expired security token.. I notice even thought I'm logged in to LET on one tab when I visit LET from say a link on Google for an older thread I'm generally not logged in.
@earl I googled the image and haven't been asked to login or what not at all. Don't quite know what's going on for you.
Hmm.. I'm not sure why its happening to us and not you.. if you are still able to, maybe remove the link and we can see if it's still happening.
This depends on on what url you have logged on to.
If you login at http://www.lowendtalk.com , all links at http://lowendtalk.com will require you to login again.
Just don't login in with your username and password in such HTTP 401 ERROR.
Maybe someone can use it to hack your account.
Link: (CN)
http://wooyun.org/bugs/wooyun-2010-015248
Not for earl, juse a notice.
That makes sense, I'll be sure to notice that the next time it happens..
And thanks for removing the image.. No more pop up login when I visit the page..
Yeah its probably not a good idea to try to do that.. If you did probably best to change your LET password as they may have logged your failed login details..
Looks like it was the image that @riz tried to include with his comment. It's good that the mods are on the top of their game, cause if this was malware and they didn't take care of it, they'd have alot of unhappy users by now.
Weird. Sorry guys and specifically @ub3rstar. Thank you @mikho for changing it -- it's just Mr. Bean with no popcorn left to eat..
I'm sure it wasn't intentional.. no big deal
Could be the site owner who set the image password protected because of the increased amount of hits when people browse this forum.
usually happens when im searching
I've seen a few attacks where people do this maliciously: embed an image that requires HTTP authentication, send private message to an admin, and then record password (another common one is to use image to grab IP address). Although blocking this in browser would be the easiest, it's also not hard for site operator who has lots of bandwidth to resolve it by providing proxy for image download, e.g. https://github.com/willnorris/imageproxy (I use that one since it supports caching too, though it's a bit of overkill with all the other features it supports).
Of course that doesn't necessarily fix the problem if other embedded content is allowed like iframe.