Chess.com virus alert

from NOD32:

Object:

http://www.chess.com

Threat:

HTML/Iframe.B.Gen virus

Yes.

There's a virus at homepage. That is from http://4sdsjhiosiduhb.co.cc/main.php?page=...

appears on main page

and there is another alert:

url: 4sdsjhiosiduhb.co.cc/main.php?page=66c6ce3c7bc4b20c

ip: 95.163.89.194:80

Really sorry you're all experiencing this. We are investigating now to see where this is coming from

Yep.  Norton is flagging the main page for me too.  Same URL as Spieler999 posted.  As a premium member (i.e. no ads), I am doubly curious where this is coming from.  Looks to me that your main page has simply been hacked.  The HTML given above opens an invisible frame which directs the user to a page with the exploit.

I have a virus alert with the indication it is from chess.com! help.

Investigating? Shouldn't the whole site go in maintenance state until this has been settled?

No.

I'll have an update for you shortly as we may have found where this alert is coming from / whats triggering it.

Now seems to have disappeared! I think my security prog got rid of it! Or somebody did!

We did.

There was a section of code triggering the alerts which we have now removed.

Same alert than spieler999 @ time of this post-3mins

The problem doesn't seem to be solved just yet.

I just got hit too, norton caught it as I logged in.

Spoke too soon. It's back!

which page?

Can you email me a screenshot please?

kohai@chess.com

I have cleaned it up again. Can you please report any other pages you guys see this on. Or report if it shows up again on the home page. We're still investigating this here. thanks

Anyone knows what it does? On my system (Mac OS X Lion) it seemed as if it launched a Java-applet that tried to get access to the internet (caught by the firewall), but I'm not entirely sure and I'm not all that keen to experiment with it.