0
i had no problem until yesterday but today i noticed when i click any links it redirects me to http://www.ultrafiles.net/7cc02b3a/url/MY-LINK-HERE
which looks like this:
the picture above i tried to open a question in stackoverflow !!! and i was redirected there
so the first thing i did obviously was to disable all browser Extension and remove some apps which i suspected to no avail . as i am using ubuntu it was unlikely the problem be a program in os rather i suspected a user-script or something similar.
after some testing and checking sites affected i noticed sites that do not use google analytics has no problem so i checked ga.js and faced a surprise :
the only difference between left (Chromium) and right (Chrome) is that chromium is using a proxy with encryption.
so is my connection sniffed and modified somewhere between me and google ? how can i prevent it ? and does this means all passwords i entered in non-https sites may have been compromised ?
if you need any more info ask in comments and i try to provide them.
update: full script here
i do have a weak password on my router but i thought that won't make any problems since its only accessible from lan , am i wrong? (if i enter my wan ip in another network i won't get the router page) – Bor691 – 2014-12-20T15:31:15.163
any PC connected to the router and have access to the internet I think it could attack the router ... or the switch by the way, if there is any. – hsawires – 2014-12-20T17:52:44.737