Head's up!On two separate occasions today I used Google for an osTicket-related search, clicked on a link that was meant to bring me to this forum, only to have my browser redirected to and hijacked by a bogus website. The site tries to aggressively push a drive-by download multiple times which on both occasions caused by browser to crash.It appears that I am the first to report this.It occurs to me that it is possible that it is actually my computer that is infected, and not osticket.com/forum/, but this seems unlikely as I have visited at least a hundred other websites during the same period.

Anyone else seen this behavior?

LOL I just clicked on this link in my Gmail accountblankSurely I cannot be the only person who is running into this?!

Yes i redirected to a random website... I thought it was my PC... but it is the forum.

I also had the second picture yesterday when I search for osticket.com/forum in my google toolbar....

But I make imedimently a full scan and vulnerability search whit my "anti-virus" (I don't have the translation.) and he did not found anythings.

Not only will this scare off new users but soon Google will catch on to what is happening and the search engine will discourage or block it's users from visiting osticket.com.

I encourage whomever maintains the site to take immediate action.

yes.  Norton blocked malware.

I'm not able to see what you guys are seeing. We will look into this.Cheers.

I reported this to the Devs.

I'm using Chrome on Windows. Perhaps the other people who are seeing the malware can also report their browser and OS.An obvious guess is that this is only affecting Windows computers.

same situation here and happened yesterday in a customer computer.red screen followed by hundreds of downloads of a .exestrange.

Yea i've seen this behaviour aswell in the last couple of days, just got sent to: http://167.99.10.111/alert?a=10012293&campid=62 after going to: http://osticket.com/forum/discussionsWindows 10 + Chrome here aswellNever seem to be able to replicate except for when i've not been active for a while and never gotten it on edge/opera/firefox so far.

So it's only affecting Windows Users??Cheers.

Just got the exact same page as stevland trying to get back to this thread and it kept trying to download a file infinitly causing chrome to get stuck at 100% cpu load.The file is just 2 bytes and it seems only the first one actually downloaded, the rest fail.http://147.75.83.191/alert/ch/?a5b22c339e94100tfn1b5b22c339e944e=+18443951479&c5b22c339e94890ftfn1d5b22c339e94c4=(844)%20395-1479#latest

I'm still seeing the malware, but I should point out that it is intermittent (not sure if I mentioned that before).If the devs are having trouble tracking down the source of the malware, I have a suggestion.I once encountered a website that was doing the same sort of thing... attempting to drive-by download files onto the visitor's computer. It turned out that it wasn't the website itself that was infected. The website had a section that displayed ads which it rented out to a third-party. And it wasn't this third-party that was infected either. The third-party re-sold the ad space to various advertisers. It was one of the advertisers that was pushing out malicious code through its ad.Long story short, my suggestion is to temporarily disable the "Hellobar" at the top of the site (the "We're hiring -- UI/UX Designers, Developers and DevOps" overlay). And any other scripts that are pulling in code from a third-party other than, say, Google or Gravatar.I hope this helps.

Happend in firefox aswell and malwarebytes had a fit about it tooCategory: HijackingDomainn: myintohiseyes.tkIP-adress: 207.244.95.47Port: Type: ExternalFile: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

I've experienced this over the last 2 days, on both Chrome and Firefox (both Windows 10) and its ONLY happened when on the OSticket forum and usually its happened around 2-4pm.  I'm on the web all day in multiple browsers.  My firefox is a new install with few extensions so I'm confident its not a plugin or extension in Chrome and I've got both the random web page and "big red warning page and crashed browser" in both apps.The certificate mismatch on this site doesn't help boost confidence either....Until a fix has been posted here I've added hellobar.com to my hosts file pointing at 127.00.1 so it can't fetch more pain from the web.  

2018-06-15 16_02_58-Insecure Connection.png

2018-06-15 16_05_52-Malware on website_ forum - Suggestions and Feedback Discussions on osTicket For.png