Howdy all

My forum was running slow today and I kept getting a 'maintenance' page. While I was waiting for the forum to load I could see, in the bottom left hand corner it said waiting for dealctr.com - I googled it and it said it's a 'backdoor malware that's spread through fake security'.

Marvellous.

Does anyone know how it got there and how I can get rid of it please? Does this affect all members of my forum? I don't get the same alert on any other website, so I guess it's not a virus on my computer...

I'm a bit concerned about 'fake security'.

Thank you.

Your forum is definitely secured
Now I refresh many times you forum but i didnt get any error or maintenance page
Is this still happening?

Hello @jkh

We experienced a problem with one of our servers which was charged for several minutes. Based on your post and the time you posted it, this corresponds perfectly to this problem. Hence the latencies you encountered while browsing your forum.

Hi Skouliki 

I activated the adblocker on my browser for my forum, then I didn't get the alert. I also didn't get the alert after I deactivated the adblocker.

I also deleted the forum cookies and ran a virus check, but no virus on my pc, so I guess whatever the problem was it's been resolved somehow.

I haven't seen that dealctr.com thingy before.  




How do you know my forum is secure? Is it because of the padlock thing at the top?

The Godfather wrote:Hello @jkh

We experienced a problem with one of our servers which was charged for several minutes. Based on your post and the time you posted it, this corresponds perfectly to this problem. Hence the latencies you encountered while browsing your forum.

Ah thank you for explaining...all seems to be well now

Oh, I've just seen it again....

and this: ct.sddan.com (open threat exchange)

Please don't double/tripple post, use the edit button instead

You talk about external resources. For the first mentioned, certainly called by an advertising network that we use: Criteo, Google Adsense, Taboola...

For the second (sddan.com), it is the provider of our consent banner for the GDPR.

Likewise, we have just intervened once again on the server in question.