It is currently Wed Jan 17, 2018 5:22 am

All times are UTC




Post new topic Reply to topic  [ 3 posts ] 
Author Message
 Post subject: Don't click on these
PostPosted: Thu Jan 04, 2018 3:47 am 
Offline

Joined: Thu Dec 07, 2017 2:01 am
Posts: 1
has taken a dangerous turn. There are a fair number of poisoned links in google search results for "PJ Harvey, in the last 24 hours". This isn't a one-time thing either. I've been noticing them for at least the last few weeks.
They take the form of gibberish with a bizzare looking url. Here's one:

Pj Harvey You Said Something
7 hours ago - "He then led a group of US troops to pj harvey a nearby suburb where one of Saddam's loyal security chiefs was waiting. The US officers were handed a ...

I deliberately crippled the url above by making it pj_harrrvey instead of pj_harvey. Clicking this will very likely bring up a battle between a trojan downloading virus and your antivirus software. Note that .cc is china I think. Make sure you keep your browser updated as well as your AV software and Operating system updated. Whatever this is, it's bypassing Firefox's defenses also.

These are called "drive by" trojans. Be careful out there.

_________________
http://www.youtube.com/watch?v=p9eTwPgl0GU


Top
 Profile  
 
 Post subject: Re: Don't click on these
PostPosted: Sat Jan 06, 2018 10:53 pm 
Offline
Moderator
User avatar

Joined: Sun Jul 19, 2009 5:22 pm
Posts: 2191
Location: ~ +38.4, -122.7
No link or URL was present in this post when I approved it, but it's very true you have to be careful when clicking on google search results, particularly "recent" searches which show country domains like .cc or .ru etc in the URL.

Google will sometimes flag them with a warning, at least in Chrome. In my experience poisoned links are more commonly seen in very topical and popular subjects, not someone like PJ Harvey. Think very newsworthy events that have happened in the last 24 to 48 hours.

I just did a general "pj harvey", past 24 hours search using Chrome and didn't see any obvious (gibberish) bad URLs.

An even more insidious way to get hit is via a poisoned ad served by a website. Even well known web sites like yahoo don't really vet their ads so be careful and don't linger for long on sites which serve lots of ads. The good news is Chrome will automatically start blocking various forms of "bad" ads on Feb 15. They had to do this since so many people are installing ad blocker extensions in their browsers. If everyone does that, google's income stream will dry up and web sites will die off for lack of funds.

Anti-virus software doesn't do a very good job of protecting against ad-delivered malware. Malwarebytes' paid version keeps a black list of malicious web sites and updates it in real time. Here's an example of an ad-delivered malicious web site it blocked on my PC 2 days ago:

Domain: my.rtmark.net
IP Address: 18.194.130.151
Port: [62562]
Type: Outbound

I don't think it'd be a good idea to point your browser to it.

And it goes without saying you need to keep your operating system and browser updated. When windows wants to reboot to install updates, don't put them off. Chrome will also automatically update itself, but you can check if it's uptodate by using the Help dropdown, then About. I use a free program called Secunia PSI to monitor all the programs on my PC and alert me when they need updating (which i do manually).

The latest trick I've heard of is malicious web sites and/or ads silently installing persistent(!) bitcoin mining software on your machine (even mobile devices).

BTW op, I like your signature :wink:

_________________
http://www.youtube.com/watch?v=p9eTwPgl0GU


Top
 Profile  
 
 Post subject: Re: Don't click on these
PostPosted: Mon Jan 08, 2018 6:20 am 
Offline
Moderator
User avatar

Joined: Sun Jul 19, 2009 5:22 pm
Posts: 2191
Location: ~ +38.4, -122.7
The Opera web browser will block bitcoin mining scripts automatically soon:

https://www.engadget.com/2018/01/03/opera-update-protects-hijacking-bitcoin/

It sounds like it's being added into Opera's built in ad blocker, but like I said if everyone blocks ads the web will eventually die and Facebook may become "the internet" for everyone - a truly scary thought.

_________________
http://www.youtube.com/watch?v=p9eTwPgl0GU


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group