Newegg SSL compromised, dirty spyware, or a partnership in crime?

Liger88

2[H]4U
Joined
Feb 14, 2012
Messages
2,657
Right now I'm on a fairly new build (since mid-September) and recently, perhaps a few weeks to a month ago I noticed something strange when visiting to Newegg (and ONLY Newegg).

Everything is fine and dandy, until I go to checkout. Immediately when I go to sign in I get bombarded by 3-5 popups (they keep coming or refreshing every few seconds) with a Certificate error.

http://i4.minus.com/iboLSAUKQmu33f.jpg

http://i5.minus.com/iz5o5WTzU6foo.jpg

http://i1.minus.com/ibed4EKDsiozoT.jpg

If I accept everything goes fine despite the clear warning, rejecting all 5 attempts will still allow me to continue if I so choose. My main browser is Opera 12.16 and I've never had this problem prior. Using IE 9/10 it doesn't even pop up a Certificate error.

Ran 3 AV scans using Avast!, MSE, and MalwareBytes each showing absolutely nothing wrong. Tried Googling edge.livetracker.net and cloudfront.net and came up with some shady results pointing to spyware and direct relations to Amazon itself.

Nothing has shown up on my system and having thought about this for awhile it only started happening when Newegg changed there stupid site navigation on November 1st to this new and un-improved system. I have no idea what to make of it as I seem to be the only one having this issue.
 
Both BIOS and Windows are reporting the same time:

12/1/2013 14:48

I might be paranoid, but I think it might have something to do with Newegg's code after they changed the site that somehow it might just be incompatible with Opera since it really is almost as recent as when they underwent that change a month ago. I could be wrong it just doesn't make sense.
 
Maybe it had something to do with them losing that initial case against that copyright troll. I think I recall them having to make some changes to their SSL configuration.
 
Those are both CDNs, simply hosting images/content/etc.

Very odd as the one is actually Amazon. (cloud front)
 
Those are both CDNs, simply hosting images/content/etc.

Very odd as the one is actually Amazon. (cloud front)



That's what I was thinking myself, but it makes me nervous because it's on the actual SSL page that logs you into your account. Perhaps I should send Newegg a report referencing this thread. Legit or not you never want to see that on a supposed "secure" page that takes you into your account where all your details are needed.
 
My point is that it may not be neweggs cert. You can serve multiple certs on a page if content is coming from different places. I see you still have a green lock for the primary domain, which is likely where any forms submit to.
 
My point is that it may not be neweggs cert. You can serve multiple certs on a page if content is coming from different places. I see you still have a green lock for the primary domain, which is likely where any forms submit to.



Ahh I see what you're saying. I'll try loading up Opera on my laptop and see if I get the same results, if so I think I'm in the clear and you're on the right track.


[EDIT]: Just confirmed Opera 12.16 seems to be having this problem on both my computer and laptop. I have an older version of Pale Moon (FF derivative) version 12.3 and it has the same warning. Newer versions seem to not have this problem of most browsers including the Beta version of Opera (v.18). I guess it isn't a big deal and I'll just continue on until Opera updates there browser to a more stable version. Hopefully this helps someone else who finds themselves googling this strangeness.

The .01% of the internet that is lol.
 
Last edited:
Back
Top