Safari: IDN Spoof of my Own Website?!

Discussion in 'Mac Apps and Mac App Store' started by Hemingray, Dec 28, 2005.

  1. Hemingray macrumors 68030

    Hemingray

    Joined:
    Jan 9, 2002
    Location:
    Ha ha haaa!
    #1
    So this morning I'm visiting my own web site. I type into Safari "http://www.songofthesouth.net/home.html" and this message pops up (see screenshot)

    Where the HECK did Safari get "www.trust 4 free.ws" from what I typed in? It says that's what's in the location field, but that's NOT what's in the location field. "www.songofthesouth.net/home.html" is what's in the location field! I'm at a loss here...

    And this message only pops up on my web site, not anyone else's, and I only get this message in Safari. Can anyone shed some light on this? Has my web site been spoofed?
     

    Attached Files:

  2. jeremy.king macrumors 603

    jeremy.king

    Joined:
    Jul 23, 2002
    Location:
    Fuquay Varina, NC
    #2
    If you are certain you typed in the address, I would check your host file in /etc/hosts for any weirdness and contact your ISP to see if they have any nameserver issues.
     
  3. ITASOR macrumors 601

    ITASOR

    Joined:
    Mar 20, 2005
    Location:
    Oneida, NY
  4. NoNameBrand macrumors 6502

    Joined:
    Nov 17, 2005
    Location:
    Halifax, Canada
  5. Hemingray thread starter macrumors 68030

    Hemingray

    Joined:
    Jan 9, 2002
    Location:
    Ha ha haaa!
    #5
    When I got home this afternoon, I received the following feedback from a visitor:

    Could this be a strange coincidence, or is something up here? I don't have any Java on my web site. JavaScript, yes, but no Java. What is UP! I'll be contacting my web site hosting company right now.
     
  6. Hemingray thread starter macrumors 68030

    Hemingray

    Joined:
    Jan 9, 2002
    Location:
    Ha ha haaa!
    #6
    Update

    Okay, I contacted my web site hosting company today, and they said it sounded like my web site had been hacked, and something like a link to a 1x1 transparent pixel would allow another web site (www.trust 4 free.ws I guess?) to attempt to install malicious software onto the visitors' computer. :confused:

    Not quite sure if that was my situation. Anyways, I changed all my login passwords and re-uploaded my entire web site from my virgin local copy, so I overwrote any files that had been compromised. The IDN Spoof message no longer shows up in Safari.

    Has anyone else ever experienced something like this? In 7+ years of making web sites, this is sure a new one to me.
     

Share This Page