Gizmos Freeware Reviews  

Go Back   Gizmo's Freeware Forum > Debating Chamber > Internet, Web Apps and Networking

Reply
 
Thread Tools Display Modes
Old 16. Jan 2011, 04:17 AM   #1 (permalink)
Senior Member
 
danjmilos's Avatar
 
Join Date: Mar 2009
Location: Steeler Nation Capitol
Posts: 127
Default Opera the safest browser!

I’ve been using Opera as my main browser since 9.5 or something close to that. I’m using 11.X now and it continues to impress me. While I was at work yesterday my wife was looking at some clip art sites looking for a Logo I needed for a project when something hit, it immediately took the tab and put a “Security Center” title to the tab and showed a “My Computer” window with all these red flashing warnings under each disc, folder and optical drive with all kinds of numbers and spyware and virus and rootkit names for the infections in them. There were dreading thoughts going through my mind when I heard those words on the phone while still at work and being unable to do anything about it. There were also boxes to click to get help to remove these “problems”. The first thing I said was do not click any of them, shut off the modem and I would look at as soon as I got home. I also told her to move the mouse every hour or so to keep the computer from hibernating, I was thinking a restart even from hibernation might cause more trouble than I could handle.

When I got home it was down into the basement to see if I could muck my way along and not cause more things to get worse. First thing I did was open a new tab without closing the problem tab. Next I opened Ccleaner ran it and deleted all the temp files there. Revo was next going to tools and track cleaning and deleting there also, at that point I closed the bad tab and then the browser, turned the modem back on and hoped for the best. On making it’s connection nothing happened, a good sign. Opened MBAM and updated ran a quickie nothing found, did the same with SAS again nothing. Finally avast still nothing felt really great. Ate some supper then ran complete scans with all and still clean. At that point I knew a bullet had been dodged big time and told my wife as much.

Thinking about Opera with it’s new AVG security it made a difference, kept the malware from latching right on to the computer and giving me a big headache instead of the little time I spent running scans to find out it was clean, makes me glad my wife wasn’t on IE when this happened like she usually is!

Dan
danjmilos is offline   Reply With Quote
Old 16. Jan 2011, 08:13 AM   #2 (permalink)
J_L
Co-Author, Best Free Security List
 
J_L's Avatar
 
Join Date: Dec 2008
Posts: 2,003
Default

How did Opera prevent the malware? Didn't you say that the fake scan page took over the browser?
J_L is offline   Reply With Quote
Old 16. Jan 2011, 09:09 AM   #3 (permalink)
Senior Member
 
Ritho's Avatar
 
Join Date: Apr 2008
Location: Planet Earth
Posts: 1,379
Default

What you describe is just a trick site. You were not in the danger you supposed you were in.

I bet it looked something like this?



This was just a scare tactic site. It is all just an in browser animation, which tries to get you to download programs to fix the problems. If someone falls for the scam and downloads and installs the tool they end up getting a fake or rogue antivirus, and malware.

What is funny is I have run across those sites while using the internet in Linux, and of course the website that loads in the browser still looks like Windows. That is the whole idea though. Many people think that somehow what is being shown to them is really their computer, when in reality it is just a cleverly designed webpage.

There is nothing to worry about unless you download and install the "fix." Since it is not an active exploit of a browser flaw, you are not in any danger no matter what browser you are using, because it is just a trick. Opera did not prevent this any more than any other browser would have.

Read more about it here http://nakedsecurity.sophos.com/2009...s-exploit-911/ and here is another example http://www.geekpolice.net/t14376-07r...om-information
__________________
The smallest good deed is better than the greatest intention.

Last edited by Ritho; 16. Jan 2011 at 09:18 AM.
Ritho is offline   Reply With Quote
Old 16. Jan 2011, 09:17 AM   #4 (permalink)
Senior Member
 
Concerned User's Avatar
 
Join Date: Apr 2010
Location: இந்தியா, सिन्धु, India
Posts: 486
Default

@ Ritho: yes that's the one.

I've experienced this with Firefox roughly one year ago. The funniest (or saddest) part was I stumbled upon the rogue site by pure accident.

I saw this and closed the tab. The folder image was quite deceptive. This has nothing to do with the browser you're using.
Concerned User is offline   Reply With Quote
Old 16. Jan 2011, 05:58 PM   #5 (permalink)
Senior Member
 
danjmilos's Avatar
 
Join Date: Mar 2009
Location: Steeler Nation Capitol
Posts: 127
Default

Ritho,

The images you show are the exact ones, my only concerns with the take over of the tab was if my wife had closed Opera that the saving of the files to the temp folder on my computer might have started a chain reaction I would still be cleaning up today. My thought is once saved to the hard drive it would attack from within. This is a very insidious method to trap novices and the unaware, I was really glad my wife called. Plus she did not click on anything. I hope this short thread helps anyone who reads it.

Dan

J.L.,

I do not know if it stopped any malware, just the thought it did helps keep my wife comfortable on line. She knows next to nothing about computers and I'm not real for ahead of a novice.

Dan
danjmilos is offline   Reply With Quote
Old 16. Jan 2011, 06:16 PM   #6 (permalink)
Senior Member
 
bo.elam's Avatar
 
Join Date: Nov 2009
Posts: 1,714
Default

Using Firefox with NoScript and a hardened Sandboxie stops this danger before
it starts. FF wont even display anything.

Bo
bo.elam is offline   Reply With Quote
Old 16. Jan 2011, 06:40 PM   #7 (permalink)
Member
 
Join Date: Apr 2010
Location: Dublin
Posts: 25
Default

Quote:
Originally Posted by Ritho View Post
What you describe is just a trick site. You were not in the danger you supposed you were in.

I bet it looked something like this?




[/B]

The funny thing about these rogue antivirus programs, at least if you're a native English speaker, is how illiterate they are! Look at the 'Windows Security Alert' and the statement beside the shield '...Windows Web Security has detected trojans and ready to remove them.' Even better is the second sentence at the bottom of the 'Alert': 'Gathered information can be passwords, e-mail addresses and all that data, which is important for you.' I am surprised they didn't go the whole hog and just say 'all that stuff'!
Ghost is offline   Reply With Quote
Old 16. Jan 2011, 07:22 PM   #8 (permalink)
Senior Member
 
Concerned User's Avatar
 
Join Date: Apr 2010
Location: இந்தியா, सिन्धु, India
Posts: 486
Default

Quote:
Originally Posted by bo.elam View Post
Using Firefox with NoScript and a hardened Sandboxie stops this danger before
it starts. FF wont even display anything.

Bo
@ bo: not exactly...As far as I can remember, I did have noscript in my browser and I remember seeing the fake explorer window ..The only option then would be to close the tab without clicking anything that is displayed in the browser window (which I did).
Concerned User is offline   Reply With Quote
Old 16. Jan 2011, 07:49 PM   #9 (permalink)
Senior Member
 
Ritho's Avatar
 
Join Date: Apr 2008
Location: Planet Earth
Posts: 1,379
Default

Quote:
Originally Posted by Ghost View Post
The funny thing about these rogue antivirus programs, at least if you're a native English speaker, is how illiterate they are! Look at the 'Windows Security Alert' and the statement beside the shield '...Windows Web Security has detected trojans and ready to remove them.' Even better is the second sentence at the bottom of the 'Alert': 'Gathered information can be passwords, e-mail addresses and all that data, which is important for you.' I am surprised they didn't go the whole hog and just say 'all that stuff'!
You missed one. "527 threats was found"
__________________
The smallest good deed is better than the greatest intention.
Ritho is offline   Reply With Quote
Old 16. Jan 2011, 08:58 PM   #10 (permalink)
Senior Member
 
bo.elam's Avatar
 
Join Date: Nov 2009
Posts: 1,714
Default

Quote:
Originally Posted by Concerned User View Post
@ bo: not exactly...As far as I can remember, I did have noscript in my browser and I remember seeing the fake explorer window ..The only option then would be to close the tab without clicking anything that is displayed in the browser window (which I did).
I believe this type of malware need Java script installed or enabled to be
displayed, but I don't know maybe some dont need Java script. I have
my JS disabled on all sites, only allowing it on sites that I know and need
to enable it.. Anyway, combining SBIE and NoScript is almost 100%
guarantee that this type of malware wont do nothing.

Bo
bo.elam is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT +1. The time now is 12:18 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.