Pop-Up Downloads

Discussion in 'other security issues & news' started by spy1, Apr 15, 2002.

Thread Status:
Not open for further replies.
  1. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Web surfers who thought online advertisements were becoming increasingly obtrusive may be dismayed by a new tactic: pop-up downloads.

    In recent weeks, some software makers have enlisted Web site operators to entice their visitors to download software rather than simply to view some advertising. For example, when visiting a site a person may receive a pop-up box that appears as a security warning with the message: "Do you accept this download?" If the consumer clicks "Yes," an application is automatically installed.

    Article here: http://news.com.com/2100-1023-877568.html
     
  2. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    I suppose we should be grateful there's a warning...
     
  3. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    I've found it helpful (in IE, anyway) to keep'File Download' 'Disabled' unless I'm actually d/l'ing something (Tools/Internet Options/'Security' tab/Custom Level/ scroll down to the 'Downloads' heading and put the dot in the 'Disable' button - for all Zones. Pete
     
  4. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :DLMAO where you been thers way worst ones out there one installs with out asking and thers one that installs in your temp directory even if you click on no

    dialers for porn are the worst you get 4 installs with out warning 1 in programs one in dial up net working another on your desk top and one in your documents

    you have to delet all of them if you dont they reinstall them selfs.

    comet curseor is the worst it instals several tines over like a nasty viruse jumping folders and directorys.
     
  5. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    "where you been"?

    :) Obviously, not where you've been!

    While quite aware of all the other things you mentioned, I've never experienced any of them.

    Feel free to PM me some links where all this nastiness takes place. Pete
     
  6. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    LOL WILL SOME PLACES  ON CHEATING REDIRECTS YOU MIGHT WANT TO BLEACH OUT YOUR EYES.

    Any one who has surfed adult matrial knows what horriable things you get spamed with.

    js exploit is one of the most common ones and i even ran into one that locked up my system screwed up my aol and dowenloaded mass html sick stuff.

    i know whaer there is a comet curseor that installs when you say no
    httx://chilliebomb.com i think thats the url :D

    edit: URL chanced to "httx". Anyone why feels the need to surf to the real URL, change it back to "http". - Forum Admin.
     
  7. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Remember the "gohip" drama (or joke virus) which installed itself  as a browser enhancement with or without any warning and even if you chose "NO" on the message box it still installed and was very hard to get rid of.
    Think there are more of those, installing with or without warning (ever got the complete zipped BO2K program that way surfing atround, not nice eh?)
    Wonder if the popups are a warning or also trigger the d/l action?
    I mean: would it be possible we don't see such warnings with our p/u blockers and the action could take place unless we press NO on the p/u ..whatever?

    Edited:
    Speaking of Gohip: just find two emails of an infected user with that, thought this had passed long ago. So on the alert again!
     
  8. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Interesting question. One would think the thing would still be sitting there (unseen, of course) waiting for an answer until you closed the window - but maybe not.

    mr.blaze - Tried that link you gave, but I got a 'Could not find server' back from it. Pete
     
  9. snowman

    snowman Guest

             Pete

             a couple of weeks ago I was hit by this exploit or an extremely near likeness to it............an yes you are correct....the illegal download was just sitting there behind the window.....waiting!

             I would never have seen it ......it may have been sitting there for hours....

             another action I am noticing is that my settings are changing in the trusted zone......."submit non encrypted becauses "enabled"......an I alway set this at "prompt"........only happening in the trusted zone.

            will do some testing over the weekend.


                              snowman
     
  10. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Now you mention it, i noticed this or last week an update.cab (not sure about the exact name) which asked allowance for updating/downloading or maybe even installing, don't know what was exactly the matter as i was in the middle of several things at a time and a crashing program, so i did not really pay attention, only did not allow that action; thought if it was important it would come back in another occasion, but that did not happen yet and i don't quite remember where it was.........
     
     
Loading...
Thread Status:
Not open for further replies.