Opera the safest browser!

danjmilos · 16. Jan 2011, 03:17 AM

I’ve been using Opera as my main browser since 9.5 or something close to that. I’m using 11.X now and it continues to impress me. While I was at work yesterday my wife was looking at some clip art sites looking for a Logo I needed for a project when something hit, it immediately took the tab and put a “Security Center” title to the tab and showed a “My Computer” window with all these red flashing warnings under each disc, folder and optical drive with all kinds of numbers and spyware and virus and rootkit names for the infections in them. There were dreading thoughts going through my mind when I heard those words on the phone while still at work and being unable to do anything about it. There were also boxes to click to get help to remove these “problems”. The first thing I said was do not click any of them, shut off the modem and I would look at as soon as I got home. I also told her to move the mouse every hour or so to keep the computer from hibernating, I was thinking a restart even from hibernation might cause more trouble than I could handle.

When I got home it was down into the basement to see if I could muck my way along and not cause more things to get worse. First thing I did was open a new tab without closing the problem tab. Next I opened Ccleaner ran it and deleted all the temp files there. Revo was next going to tools and track cleaning and deleting there also, at that point I closed the bad tab and then the browser, turned the modem back on and hoped for the best. On making it’s connection nothing happened, a good sign. Opened MBAM and updated ran a quickie nothing found, did the same with SAS again nothing. Finally avast still nothing felt really great. Ate some supper then ran complete scans with all and still clean. At that point I knew a bullet had been dodged big time and told my wife as much.

Thinking about Opera with it’s new AVG security it made a difference, kept the malware from latching right on to the computer and giving me a big headache instead of the little time I spent running scans to find out it was clean, makes me glad my wife wasn’t on IE when this happened like she usually is!

Dan

J_L · 16. Jan 2011, 07:13 AM

How did Opera prevent the malware? Didn't you say that the fake scan page took over the browser?

Ritho · 16. Jan 2011, 08:09 AM

What you describe is just a trick site. You were not in the danger you supposed you were in.

I bet it looked something like this?

This was just a scare tactic site. It is all just an in browser animation, which tries to get you to download programs to fix the problems. If someone falls for the scam and downloads and installs the tool they end up getting a fake or rogue antivirus, and malware.

What is funny is I have run across those sites while using the internet in Linux, and of course the website that loads in the browser still looks like Windows. That is the whole idea though. Many people think that somehow what is being shown to them is really their computer, when in reality it is just a cleverly designed webpage.

There is nothing to worry about unless you download and install the "fix." Since it is not an active exploit of a browser flaw, you are not in any danger no matter what browser you are using, because it is just a trick. Opera did not prevent this any more than any other browser would have.

Read more about it here http://nakedsecurity.sophos.com/2009...s-exploit-911/ and here is another example http://www.geekpolice.net/t14376-07r...om-information

Concerned User · 16. Jan 2011, 08:17 AM

@ Ritho: yes that's the one.

I've experienced this with Firefox roughly one year ago. The funniest (or saddest) part was I stumbled upon the rogue site by pure accident.

I saw this and closed the tab. The folder image was quite deceptive. This has nothing to do with the browser you're using.

danjmilos · 16. Jan 2011, 04:58 PM

Ritho,

The images you show are the exact ones, my only concerns with the take over of the tab was if my wife had closed Opera that the saving of the files to the temp folder on my computer might have started a chain reaction I would still be cleaning up today. My thought is once saved to the hard drive it would attack from within. This is a very insidious method to trap novices and the unaware, I was really glad my wife called. Plus she did not click on anything. I hope this short thread helps anyone who reads it.

Dan

J.L.,

I do not know if it stopped any malware, just the thought it did helps keep my wife comfortable on line. She knows next to nothing about computers and I'm not real for ahead of a novice.

Dan

bo.elam · 16. Jan 2011, 05:16 PM

Using Firefox with NoScript and a hardened Sandboxie stops this danger before
it starts. FF wont even display anything.

Bo

Ghost · 16. Jan 2011, 05:40 PM

Quote:

Originally Posted by Ritho

What you describe is just a trick site. You were not in the danger you supposed you were in.

I bet it looked something like this?

[/B]

The funny thing about these rogue antivirus programs, at least if you're a native English speaker, is how illiterate they are! Look at the 'Windows Security Alert' and the statement beside the shield '...Windows Web Security has detected trojans and ready to remove them.' Even better is the second sentence at the bottom of the 'Alert': 'Gathered information can be passwords, e-mail addresses and all that data, which is important for you.' I am surprised they didn't go the whole hog and just say 'all that stuff'!

Concerned User · 16. Jan 2011, 06:22 PM

Quote:

Originally Posted by bo.elam

Using Firefox with NoScript and a hardened Sandboxie stops this danger before
it starts. FF wont even display anything.

Bo

@ bo: not exactly...As far as I can remember, I did have noscript in my browser and I remember seeing the fake explorer window

..The only option then would be to close the tab without clicking anything that is displayed in the browser window (which I did).

Ritho · 16. Jan 2011, 06:49 PM

Quote:

Originally Posted by Ghost

The funny thing about these rogue antivirus programs, at least if you're a native English speaker, is how illiterate they are! Look at the 'Windows Security Alert' and the statement beside the shield '...Windows Web Security has detected trojans and ready to remove them.' Even better is the second sentence at the bottom of the 'Alert': 'Gathered information can be passwords, e-mail addresses and all that data, which is important for you.' I am surprised they didn't go the whole hog and just say 'all that stuff'!

You missed one. "527 threats was found"

bo.elam · 16. Jan 2011, 07:58 PM

Quote:

Originally Posted by Concerned User

@ bo: not exactly...As far as I can remember, I did have noscript in my browser and I remember seeing the fake explorer window

..The only option then would be to close the tab without clicking anything that is displayed in the browser window (which I did).

I believe this type of malware need Java script installed or enabled to be
displayed, but I don't know maybe some dont need Java script. I have
my JS disabled on all sites, only allowing it on sites that I know and need
to enable it.. Anyway, combining SBIE and NoScript is almost 100%
guarantee that this type of malware wont do nothing.

Bo

16. Jan 2011, 03:17 AM	#1 (permalink)
danjmilos Senior Member Join Date: Mar 2009 Location: Steeler Nation Capitol Posts: 130	Opera the safest browser! I’ve been using Opera as my main browser since 9.5 or something close to that. I’m using 11.X now and it continues to impress me. While I was at work yesterday my wife was looking at some clip art sites looking for a Logo I needed for a project when something hit, it immediately took the tab and put a “Security Center” title to the tab and showed a “My Computer” window with all these red flashing warnings under each disc, folder and optical drive with all kinds of numbers and spyware and virus and rootkit names for the infections in them. There were dreading thoughts going through my mind when I heard those words on the phone while still at work and being unable to do anything about it. There were also boxes to click to get help to remove these “problems”. The first thing I said was do not click any of them, shut off the modem and I would look at as soon as I got home. I also told her to move the mouse every hour or so to keep the computer from hibernating, I was thinking a restart even from hibernation might cause more trouble than I could handle. When I got home it was down into the basement to see if I could muck my way along and not cause more things to get worse. First thing I did was open a new tab without closing the problem tab. Next I opened Ccleaner ran it and deleted all the temp files there. Revo was next going to tools and track cleaning and deleting there also, at that point I closed the bad tab and then the browser, turned the modem back on and hoped for the best. On making it’s connection nothing happened, a good sign. Opened MBAM and updated ran a quickie nothing found, did the same with SAS again nothing. Finally avast still nothing felt really great. Ate some supper then ran complete scans with all and still clean. At that point I knew a bullet had been dodged big time and told my wife as much. Thinking about Opera with it’s new AVG security it made a difference, kept the malware from latching right on to the computer and giving me a big headache instead of the little time I spent running scans to find out it was clean, makes me glad my wife wasn’t on IE when this happened like she usually is! Dan

16. Jan 2011, 08:09 AM	#3 (permalink)
Ritho Foundation Editor Join Date: Apr 2008 Location: Planet Earth Posts: 1,391	What you describe is just a trick site. You were not in the danger you supposed you were in. I bet it looked something like this? This was just a scare tactic site. It is all just an in browser animation, which tries to get you to download programs to fix the problems. If someone falls for the scam and downloads and installs the tool they end up getting a fake or rogue antivirus, and malware. What is funny is I have run across those sites while using the internet in Linux, and of course the website that loads in the browser still looks like Windows. That is the whole idea though. Many people think that somehow what is being shown to them is really their computer, when in reality it is just a cleverly designed webpage. There is nothing to worry about unless you download and install the "fix." Since it is not an active exploit of a browser flaw, you are not in any danger no matter what browser you are using, because it is just a trick. Opera did not prevent this any more than any other browser would have. Read more about it here http://nakedsecurity.sophos.com/2009...s-exploit-911/ and here is another example http://www.geekpolice.net/t14376-07r...om-information __________________ The smallest good deed is better than the greatest intention. Last edited by Ritho; 16. Jan 2011 at 08:18 AM.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

16. Jan 2011, 07:13 AM	#2 (permalink)
J_L Co-Author, Best Free Security List Join Date: Dec 2008 Posts: 1,475	How did Opera prevent the malware? Didn't you say that the fake scan page took over the browser?

16. Jan 2011, 08:17 AM	#4 (permalink)
Concerned User Editor Join Date: Apr 2010 Location: இந்தியா, सिन्धु, India Posts: 324	@ Ritho: yes that's the one. I've experienced this with Firefox roughly one year ago. The funniest (or saddest) part was I stumbled upon the rogue site by pure accident. I saw this and closed the tab. The folder image was quite deceptive. This has nothing to do with the browser you're using.

16. Jan 2011, 04:58 PM	#5 (permalink)
danjmilos Senior Member Join Date: Mar 2009 Location: Steeler Nation Capitol Posts: 130	Ritho, The images you show are the exact ones, my only concerns with the take over of the tab was if my wife had closed Opera that the saving of the files to the temp folder on my computer might have started a chain reaction I would still be cleaning up today. My thought is once saved to the hard drive it would attack from within. This is a very insidious method to trap novices and the unaware, I was really glad my wife called. Plus she did not click on anything. I hope this short thread helps anyone who reads it. Dan J.L., I do not know if it stopped any malware, just the thought it did helps keep my wife comfortable on line. She knows next to nothing about computers and I'm not real for ahead of a novice. Dan

16. Jan 2011, 05:16 PM	#6 (permalink)
bo.elam Senior Member Join Date: Nov 2009 Posts: 1,224	Using Firefox with NoScript and a hardened Sandboxie stops this danger before it starts. FF wont even display anything. Bo