Sites with mixed encryption are re-directed to Fileinxt.com. Why can't I just display encrypted content?
When I visit Boostmobile.com and try to log into my account, I am redirected to Fileinxt.com, and get pop-up windows as well. I can block the pop-ups, no problem. This bug doesn't affect IE8, which I don't especially like, because when I go to the page using IE8, IE8 asks me if I want to see just the encrypted content or all the content. I opt for just encrypted, and no problem. If I opt for both encrypted and un-encrypted content, I get sent off into Fileinxt.com land. So it's a web page bug that exploits a weakness in Firefox (all version) and, apparently, Google Chrome as well. I have un-installed and re-installed Firefox, no change. Is my computer actually harboring a virus. or is this exploit just a weakness in Firefox (and reportedly in Google Chrome)?
Novain'i socalmonk t@
All Replies (7)
I don't see anything strange when I go to the login pages, but I can't actually log in. Does the problem occur when you visit these pages, or only after logging in?
https://apps.boostmobile.com/boostApp/accountLogin.do
https://apps.boostmobile.com/boostApp/myLogin.do
I found a solution. I have Adblock Plus installed. I just added the offending address, Fileinxt.com to my filter list (Easylist). The problem occurs after I enter my username and password. That is when the re-direction happens. Thank you for your timely response.
Novain'i socalmonk t@
This issue was the result of an attack on the boostmobile.com site. While the attack was in place (it's since been fixed), the https response from the site contained a reference to insecure javascript at a 3rd party site. That javascript would ultimately result in a hijack of the browser session. Since the javascript was from a 3rd party site, presumably under the control of the attacker, it could have done more than just load ads - it could have captured, for example, any of the information displayed on the boostmobile.com site.
So, also, change your boostmobile.com password. Note, though, that passwords for the site are laughably insecure: four digits!
I figured that out when I opened the page in my BlackBerry and it was OK (Opera Mini) and then double-checked it in IE8. IE8 didn't ask if I wanted to display all content or just encrypted. Even with the "My Account" page open, there ain't much to see. I can't, for examole, display the full number of a registered payment instrument like a credit or debit card, or a bank account, unless I am entering a new one, and then I can only see the one I'm entering. Boost doesn't have a way to withdraw funds once they're in.
Your question was about being re-directed to another site. What does your last response have to do with that issue??
Novain'i Helper7677 t@
It was a response to mbdSeattle. He explained that the problem was not a virus on my computer, but an attack on the Boostmobile.com website that re-directed my browser. I had surmised that because it not only affected Firefox (all the versions I tried), but IE8 as well, if I allowed the browser to display non-encrypted content on the (secure) website in question. It also affected Opera Mini on my Unix-powered Blackberry, as well as reportedly affecting Mac's as well as pc's. I could work around the hi-jack by only displaying encrypted content on the site in IE8, by adding Fileinxt.com to my filter list in Adblock Plus for Firefox, but had no work around for Opera Mini on the BB. So when I visited the site with my BB and it displayed correctly, I figured the Boostmobile website admins were aware of the attack ( I queried them as to whether the page was infected, and would guess others did as well) and patched the hole. I further responded to mbdSeattle's comment on the security of the Boostmobile.com website. Should also add that I scanned with AVG 2011 and Malwarebytes, and neither program found anything amiss.
Novain'i socalmonk t@