Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Hi! I had never heard of your service, so I googled it and accidentally misspelled "Pixel" as I often do as "Pixle". The first result was a reddit thread and the second seemed to be a full-length rip of Becoming Royal that had some really malicious ads which were clickjacking and covering the content. Just thought you might like to know. :)


Thanks for letting me know. I suspect my advertising partner is doing some shady business on my site. I have been trying to catch them but I never seem to get the malicious ads myself, even when using a VPN from more eastern or southern nations.

Could you maybe send me a screenshot / screen capture of the ads and send them to support@pixeldrain.com? I'd really appreciate that.


I sent you an email. Domain is the same as my un here.


That page is the second organic result for "pixledrain" for me.

The url is https://pixeldrain.com/u/823R39Sc

And it is full of popups, redirects, etc. And maybe acting differently per-referer.


Do you happen to be using an iphone? The malicious ads seem to be targeting iphones specifically. I can't reproduce it myself but I have told my advertiser about it.

I have some leverage here since I'm one of their largest publishers.


Nope, Android. I tried reloading a few times, and the page is normal most of time. So it must be only when a specific ad runs?

Edit: Played around with it a bit. I think (not sure), some of the stuff is coming from this in the page source, near the bottom.

  <script type="text/javascript" src="//optyruntchan.com/400/4189877" data-cfasync="false" async="async"></script>
  </script>


Note that is actually in the page, is NOT the ad, and couldn't have been injected by the ad.

It looks troublesome to me, as I don't see it on other similar pages on your site that also have ads.

Edit: Confirmed. Added "optyruntchan.com" to my local hosts file as 127.0.0.1. The page still has the ad at the bottom, but all the popups, overlays, redirects, are gone.


It's not like pixeldrain has been hacked or anything. I have been serving ads for this company for almost a year. It's just that they decided to serve full screen ads all of a sudden without consulting me.

I have removed them completely for now. I'll just be operating at a loss until I find an alternative ;-(


Ah, okay, sorry. I didn't see that piece of javascript on any other user-created pixeldrain pages, and it isn't involved in the ad at the bottom/center of the page. So, it did seem out of place to me. I can't even tell where it would place an ad.


No problem. I base the ads I show on the size of the file that's being downloaded. Larger files cost more bandwidth so they get more intrusive ads. But I don't want the ads to be so intrusive that they drive users away of course.

Normally these ads would show up as little floating windows in the bottom right corner.


I took a look at the script, it looks _hella_ shady. Some sort of packing I've never seen.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: