Rogue AV pimps finally show love for alternative browsers

Discussion in 'malware problems & news' started by Kernelwars, Mar 2, 2011.

Thread Status:
Not open for further replies.
  1. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Certainly looks pretty realistic, except for the Safari one. I wouldn't bother on that browser either.
     
  3. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Sometime ago there were malicious URLs that would show the user the same warnings web browsers give upon facing malicious URLs, with just one tiny detail - an upgrade button for some rogue/malware crap.

    That was more realistic, back then. But, I guess some people would still fall for such crap.
     
  4. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Woaaaah, i'm pretty sure lots of people will fall in the trap :rolleyes:
     
  5. wat0114

    wat0114 Guest

    Yep, I agree. Lots will even miss the poor grammar in the pop-ups ;)
     
  6. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I don't get your sarcasm, to be honest. Don't people fall for rogue crap? The example given in this thread isn't the first one with poor grammar; still people do fall for it.

    Just because you two, or me, or many people here at Wilders wouldn't fall for it, the same doesn't mean others wouldn't.

    The same goes for other type of infections. I already mentioned in some other thread that, for some reason, forums specialized in cleaning malware are always crowded with people asking for help, and that's just a small sample of the larger %.

    It also wouldn't be the first time, if for a brief moment we could believe this was a legitimate alert, that REAL security software would have poor grammar as well.

    But, that's just me saying it, of course. But, for some reason, rogue security software/rogue alerts still exist... I wonder why? Yes, I guess they just miserably fail their targets. :rolleyes:

    -edit-

    Take the example of user J_L (no bad intentions here ;) ). He considered to be pretty realistic, except for the Safari alert.

    I'm not saying he/she would fall for it, but obviously when looking at those pictures he/she didn't find anything that could possibly let him/her spot problems. (I'm excluding the fact J_L may be aware of how the REAL alerts look like.) This will happen to many other people out there, and they will be the targets.
     
  7. wat0114

    wat0114 Guest

    LOL!! sorry m00nbl00d, take it easy :) I actually was not being sarcastic. I really do believe many will fall for it. Sorry, I must admit it looks like I'm agreeing with Noob's sarcasm, but then again does Noob believe most won't fall for it or they will?? I'm not even sure of his thoughts, because I honestly believe it fools a great many people.
     
  8. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Yeah, Noob owes us some explanation! :D

    One adds a sarcastic icon, the other one winks at it. Can you blame me? lol
     
  9. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    The domain shown in the Chrome browser would redirect to another domain, from which AVG LinkScanner would prevent an exploit(s) delivered by Blackhole Exploit Kit.

    There's also a URL (same domain) for a *.jar file named as a game, which would most likely exploit a Java vulnerability.

    -edit-

    According to VirusTotal 0/43 detect this *.jar file as being malicious (Goodware? You think? :D)

    As for the URL (in the same domain) hosting the exploit, besides LinkScanner, according to VirusTotal only 1/43 (this excludes AVG, because LinkScanner does block it) would spot it. Other tools would too, like Norton SafeWeb, MyWOT, BrightCloud (owned by Webroot). I didn't go any further than this... But, according to urlvoid, the scenario ain't that good. lol
     
    Last edited: Mar 2, 2011
  10. wat0114

    wat0114 Guest

    Yeah, Noob has some 'splainin to do :p Funny, his sarcasm emoticon never really dawned on me at the time. Too sleepy I guess :D
     
  11. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,508
    Location:
    Slovakia
    Google warns me, but I do not have java installed, so I get only a blank webpage, but I can imagine, that most people would fall fo it, my friends already did (similar one).
     
    Last edited: Mar 3, 2011
Loading...
Thread Status:
Not open for further replies.