Rid Web Page

[DavidHouston]

Friends,

When I try to log on the Royal Institute's dictionary web page, I get the following:

"Reported Attack Page!

This web page at rirs3.royin.go.th has been reported as an attack page and has been blocked based on your security preferences.

Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system.

Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners."

Is anyone else getting this result? Is this a real problem or has someone inadvertently placed the site into this category?

[tgeezer]

Hi David, I used it today and had no problem. Is it a setting in your anti-virus prog? I would ask in Computers forum.

[klons]

I went there and had no warnings using a Mac. However , I have a font problem there as I get the diamonds with the question marks and other junk symbols. Anyone know how to fix that?

[DavidHouston]

"www.stopbadware.org" reports:

royin.go.th

Domain Information as of Feb 19th 2010

IP Address: 202.57.163.52

Country: TH

ASN: 7654

AS Name: SIAMGLOBE-AS-AP Internet Service Provider Co., Ltd.

Additional sources of information

Web of Trust

SiteAdvisor

Wikia Website Review

Discuss on BadwareBusters.org

Related URLs

http://royin.go.th/en/calendar_home/

http://royin.go.th/en/contactus/

http://royin.go.th/en/download/

http://royin.go.th/en/faq/

http://royin.go.th/en/home/

more...

Current Activity

Google

Google reports badware-related activity on royin.go.th/ as of Apr 10th 2010

HELP! This is my site!

Request an independent review of data providers' findings

Past Activity

Google

Google reported badware-related activity on royin.go.th/en/calendar_home/ between Feb 24th 2010 and Apr 10th 2010

Google

Google reported badware-related activity on royin.go.th/en/contactus/ between Feb 24th 2010 and Apr 10th 2010

Google

Google reported badware-related activity on royin.go.th/en/faq/ between Feb 24th 2010 and Apr 10th 2010

Google

Google reported badware-related activity on royin.go.th/en/home/ between Feb 24th 2010 and Apr 10th 2010

Google

Google reported badware-related activity on royin.go.th/en/knowledge/ between Feb 24th 2010 and Apr 10th 2010

more..."

tgeezer and klons,

Thank you for your responses. I report here because most of the usage of the RID site is in the Thai language forum. There was another similar report on Thai-Language.com from a user in Europe who received the same warning from Firefox on his computer.

Edited April 11, 2010 by DavidHouston

[noahvail]

Sadly, many of the Thai government's websites have been labeled as attack sites. Fortunately, Google does a fairly good job of notifying you if you Google a topic, and a hit is labeled as an attack site.

I would most certainly believe that the government itself is not the source of the malware (or badware). The sites may have been attacked and broken into, and then try to spread the malware.

I would not venture to guess why the webmasters have not yet corrected the issue.

[kokesaat]

Avast also gave me a malware warning. Thai government websites and Avast warnings (spyware/virus/malware) go together like soup and sandwich. I never get warnings from visiting any of the other hundreds of websites I visit.

[DavidHouston]

Avast also gave me a malware warning. Thai government websites and Avast warnings (spyware/virus/malware) go together like soup and sandwich. I never get warnings from visiting any of the other hundreds of websites I visit.

Kokesaat,

Is it possible that someone or some group is consciously trying to sabotage official Thai websites? Is it possible to know whether the reported "threats" are real or are merely someone trying to discredit the RID? Can the webmasters at the Royal Institute prevent this?

I would not be so concerned except that the Royal Institute and its sites and dictionary are very valuable in our Thai language study.

Thanks for your help.

Edited April 11, 2010 by DavidHouston

[kriswillems]

Even within official Thai organisation illegally copied software is used. This copied or downloaded software comes often with viruses. I've worked with hundreds of computers in Thailand. I've never found any system that uses official software. Most systems were infected by viruses. Almost none of the systems had an up-to-date virus-scanner.

Probably a virus at RID is trying to spread via its website.

A lot of Thai government websites, but also a lot of websites of Thai shopping malls or other Thai companies have this problem. Even Thai websites that allow credit card payment are often infected.

Most infected websites are harmless if the visiting computer has up-to-date software.

[tgeezer]

Even within official Thai organisation illegally copied software is used. This copied or downloaded software comes often with viruses. I've worked with hundreds of computers in Thailand. I've never found any system that uses official software. Most systems were infected by viruses. Almost none of the systems had an up-to-date virus-scanner.

Probably a virus at RID is trying to spread via its website.

A lot of Thai government websites, but also a lot of websites of Thai shopping malls or other Thai companies have this problem. Even Thai websites that allow credit card payment are often infected.

Most infected websites are harmless if the visiting computer has up-to-date software.

I have just googled RID and the site came up on the screen closely followed by a warning from the anti-virus prog. giving me the option of removing 'Trojan. JS/Gambuli.E. This is the second time. I hardly use the computer here in England so it probably came from RID. The risk was described as severe, takes control of the computer.

[SoftWater]

This screenshot is from Google's diagnostic page giving detailed explanation of the problem. Looks like confirmation of Kris's comments above.

Edited April 13, 2010 by SoftWater

[bhoydy]

Mmm, still the same problem. Cannot enter the site. So what is there to do to try and fix this problem? Obviously it should be reported but i can't get on their website to find their contact e-mail.

[Richard W]

I went there and had no warnings using a Mac. However , I have a font problem there as I get the diamonds with the question marks and other junk symbols. Anyone know how to fix that?

Tell you browser what encoding is being used. (Any specifically Thai encoding will do.)

So far as I am aware, the warnings are being provided by the browser, so the lack of warnings may simply be a matter of what browser you are using.

Firefox users do have the option of viewing the pages regardless of the warning. The option is in the 'small print' - it is hoped that one will not choose the option.

[katana]

Maintenance on that site seems rather haphazard. I remember for a number of years, the RID dictionary wouldn't work with Firefox, only IE.

If the site's been hacked, they may not even be aware of it.