A Russian server is injecting a hidden IFRAME into the NWEN page right now. I can’t believe that this is legitimate. I first thought that it was trying to replace the login screen and steal credentials; but upon further inspection, it’s not (apparently) doing that. I’m no expert, but it looks like it’s….falsely crediting traffic to…jino-net.ru? Seems strange. Perhaps someone else can take a look and figure it out.
I’ve notified NWEN via e-mail.
The funny thing is that if not for Google I wouldn’t have known. The main events page at http://www.nwen.org/index.php?option=com_events&Itemid=15 appears normal. But Google directed me to the page shown above when I did a search on “Early Stage Investment Forum”, and I wondered why the date was set to 1969. Something didn’t smell right.
Trusty Firebug showed me the hidden IFRAME problem in two seconds.