Singapore Expats Forum

vicious pop-up adds

Announcements, promotions, news, help. Ask about registrations, avatars, PM and others. Post all your forum and Singapore Expats site related questions here.
User avatar
Strong Eagle
Moderator
Moderator
Posts: 11062
Joined: Sat, 10 Jul 2004
Location: Off The Red Dot
Contact:

Re: vicious pop-up adds

Postby Strong Eagle » Fri, 19 Feb 2016 9:36 pm

x9200 wrote:I am running Firefox on Linux. In my 25y of using it (Linux), it has never been infected so I am not sure what is the likelihood of this to happen. Not a zero for sure with all these java / flash extension but so far, the problem seems to be pretty much confined to this very forum and Firefox only. When I have some more time, I will take a closer look. At this point I switched to Chrome.


Well... when you consider that nobody else is experiencing "vicious pop-up adds" on this forum, and considering it is highly unlikely that the board admins would add "vicious pop-up adds" to the mix on the expat board, and considering that "vicious pop-up adds" are known to be caused by malware, wherein words get highlighted when the cursor is moved over them, thereby causing annoying popups of all sorts, I'd say you are DEFINITELY infected, not withstanding Linux users comments to the contrary.

It seems quite possible to have a case of malicious code injection from a visited website, regardless of the underlying OS.

User avatar
x9200
Moderator
Moderator
Posts: 9314
Joined: Mon, 07 Sep 2009
Location: Singapore

Re: vicious pop-up adds

Postby x9200 » Sat, 20 Feb 2016 7:24 am

I don't think there is enough Linux users regulars (nak only and myself?) on this forum to conclude as browsing environment/extensions varies. There is just an alternative to the infection, and I mentioned it earlier. Badly written scripts (or such) happen. Instead of placing an ad in a designated space it just opens it up in a new window. This is relatively common problem for non-mswindows browsing.

Anyway, I ran a malware scanner available for unix-like systems (Clamav) and it detected nothing. There is also nothing suspicious within the browser/plugins extensions.

User avatar
Strong Eagle
Moderator
Moderator
Posts: 11062
Joined: Sat, 10 Jul 2004
Location: Off The Red Dot
Contact:

Re: vicious pop-up adds

Postby Strong Eagle » Sat, 20 Feb 2016 8:24 am

x9200 wrote:I don't think there is enough Linux users regulars (nak only and myself?) on this forum to conclude as browsing environment/extensions varies. There is just an alternative to the infection, and I mentioned it earlier. Badly written scripts (or such) happen. Instead of placing an ad in a designated space it just opens it up in a new window. This is relatively common problem for non-mswindows browsing.

Anyway, I ran a malware scanner available for unix-like systems (Clamav) and it detected nothing. There is also nothing suspicious within the browser/plugins extensions.


So then... you're not having any problems are you? Except that you are. Therefore your malware scan results are rather suspect. And I'll ask... I can see that the OS might be more resistant to infections via a browser hi-jack but why do you think the browser itself ought to be any more resistant? It needs to follow HTML standards to be compliant, and that means opening the browser up to all sorts of stuff.

User avatar
x9200
Moderator
Moderator
Posts: 9314
Joined: Mon, 07 Sep 2009
Location: Singapore

Re: vicious pop-up adds

Postby x9200 » Sat, 20 Feb 2016 8:36 am

I am not saying it is this or that way. I already said, I believe twice, in this thread that it still can be an infection (the browser that uses for example, java or flash extensions) but I just see more possibilities than the infection. The malware scanners will not detect badly written scripts. Also the fact the scanner detected nothing is not a prove there is nothing infected but at this point is simply not possible to conclude.
The fact that there is a problem does not prove there is an infection.

User avatar
Strong Eagle
Moderator
Moderator
Posts: 11062
Joined: Sat, 10 Jul 2004
Location: Off The Red Dot
Contact:

Re: vicious pop-up adds

Postby Strong Eagle » Sat, 20 Feb 2016 8:59 am

x9200 wrote:The fact that there is a problem does not prove there is an infection.


Why do you think there is a problem with the board when no one else is experiencing what you are?

To expand, if no one else is having a problem, and you are, then as they might say, you are having a problem with your TV set, infection or not.

User avatar
x9200
Moderator
Moderator
Posts: 9314
Joined: Mon, 07 Sep 2009
Location: Singapore

Re: vicious pop-up adds

Postby x9200 » Sat, 20 Feb 2016 9:29 am

This I also explained in my pervious message - because with the given variety of the environment there is not enough Linux users on this board to conclude (that this is only me). I have a better question, why do I have that problem only with this board?

User avatar
Strong Eagle
Moderator
Moderator
Posts: 11062
Joined: Sat, 10 Jul 2004
Location: Off The Red Dot
Contact:

Re: vicious pop-up adds

Postby Strong Eagle » Sat, 20 Feb 2016 9:35 am

x9200 wrote:I have a better question, why do I have that problem only with this board?


Because the page code for this forum, PHP BB3, is susceptible to attack.

User avatar
x9200
Moderator
Moderator
Posts: 9314
Joined: Mon, 07 Sep 2009
Location: Singapore

Re: vicious pop-up adds

Postby x9200 » Sat, 20 Feb 2016 10:19 am

Strong Eagle wrote:
x9200 wrote:I have a better question, why do I have that problem only with this board?


Because the page code for this forum, PHP BB3, is susceptible to attack.

How is this related to the hypothetical infection of my browser? You don't mean, somebody hacked the forum, uploaded a malware containing scripts to infect only my firefox browser only under linux and only demonstrating its presence on this forum?

(I am pretty sure some other forums I visited must be the v3 too)

User avatar
Strong Eagle
Moderator
Moderator
Posts: 11062
Joined: Sat, 10 Jul 2004
Location: Off The Red Dot
Contact:

Re: vicious pop-up adds

Postby Strong Eagle » Sat, 20 Feb 2016 1:25 pm

x9200 wrote:
Strong Eagle wrote:
x9200 wrote:I have a better question, why do I have that problem only with this board?


Because the page code for this forum, PHP BB3, is susceptible to attack.

How is this related to the hypothetical infection of my browser? You don't mean, somebody hacked the forum, uploaded a malware containing scripts to infect only my firefox browser only under linux and only demonstrating its presence on this forum?

(I am pretty sure some other forums I visited must be the v3 too)


ZZZZZZZZZZZZZZZZZzzzzzzzzzzzzzzzzzzzzz

It must be magic.

User avatar
x9200
Moderator
Moderator
Posts: 9314
Joined: Mon, 07 Sep 2009
Location: Singapore

Re: vicious pop-up adds

Postby x9200 » Sat, 20 Feb 2016 2:36 pm

Strong Eagle wrote:ZZZZZZZZZZZZZZZZZzzzzzzzzzzzzzzzzzzzzz

It must be magic.

My mother tends to say something like that when I open the CD tray in her pc from the distance of 12k km, but she makes less of the zzz sound.

User avatar
nakatago
Moderator
Moderator
Posts: 8333
Joined: Tue, 01 Sep 2009
Location: Sister Margaret’s School for Wayward Children
Contact:

Re: vicious pop-up adds

Postby nakatago » Tue, 23 Feb 2016 3:53 pm

I don't see popups on my ubuntu machine.

I did, however, see a pop-up blocked from Android* once though.

*I stopped using Tapatalk because the notifications were spammy, the moderation tools didn't work and I couldn't make it work like how I used the forum on a non-mobile device, and the navigation from the app did not make sense.

User avatar
x9200
Moderator
Moderator
Posts: 9314
Joined: Mon, 07 Sep 2009
Location: Singapore

Re: vicious pop-up adds

Postby x9200 » Thu, 25 Feb 2016 9:36 am

An update. I copied the home directory, pasted it under a windows PC and ran the recommended malwarebytes and some other avir soft. I normally use. Nothing detected. But if this is an infection than indeed some magic is in the air. Yesterday, when I fired Firefox up with this forum again the problem was not there. Everything went back to normal.


Sporkin
Chatter
Chatter
Posts: 181
Joined: Fri, 20 Jun 2014

Re: RE: Re: vicious pop-up adds

Postby Sporkin » Thu, 25 Feb 2016 9:57 am

x9200 wrote:An update. I copied the home directory, pasted it under a windows PC and ran the recommended malwarebytes and some other avir soft. I normally use. Nothing detected. But if this is an infection than indeed some magic is in the air. Yesterday, when I fired Firefox up with this forum again the problem was not there. Everything went back to normal.

I'm not sure any malware detector can do cross platform checks given the exploits could be totally different. And the binaries are definitely not similar

Sent from my E6653 using Tapatalk

User avatar
x9200
Moderator
Moderator
Posts: 9314
Joined: Mon, 07 Sep 2009
Location: Singapore

Re: RE: Re: vicious pop-up adds

Postby x9200 » Thu, 25 Feb 2016 11:05 am

Sporkin wrote:
x9200 wrote:An update. I copied the home directory, pasted it under a windows PC and ran the recommended malwarebytes and some other avir soft. I normally use. Nothing detected. But if this is an infection than indeed some magic is in the air. Yesterday, when I fired Firefox up with this forum again the problem was not there. Everything went back to normal.

I'm not sure any malware detector can do cross platform checks given the exploits could be totally different. And the binaries are definitely not similar

Binaries, the globally installed one (i.e. Firefox) to get it infected under Linux one would need to gain a root access. It is possible of course but extremely rare for a virus to propagate this way. For local binaries, I am not sure. Theoretically possible, but I suspect rather impractical – it takes an effort and knowledge to write something like this and with popularity of Linux still rather low, the chances of the malware to spread would not be any significant. For this specific case, why would anybody be bothered to do it just to have probably something like 0.00001% increase in the frequency of advertising?

I believe the only practical option is an infection of the cross-platform software like the mentioned java or flash based. As it is cross-platform, malware scanners should detect it.

SE, you listen to a weird stuff. Scary.


  • Similar Topics
    Replies
    Views
    Last post

Return to “Announcement, Help & FAQ”

Who is online

Users browsing this forum: No registered users and 0 guests