Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Rogue virus


  • Please log in to reply
6 replies to this topic

#1 Capn Easy

Capn Easy

  • Members
  • 597 posts
  • OFFLINE
  •  
  • Location:New Jersey
  • Local time:01:06 PM

Posted 28 October 2010 - 06:03 PM

We have a computer that's used (almost) exclusively by our kids. It had been hit a couple times by viruses, so, at my repeated urging, we finally made it a "Linux only" box. The kids have every functionality they need for school and recreation -- except Itunes. My wife is a Windows person, but still wanted to be the Admin on their computer. I didn't know that she hadn't installed NoScript. (We will!)

Tonight my daughter was on the computer doing research for a homework paper and was using a school site that linked to a science related site. All perfectly legit. As soon as she clicked on the link she was confronted by an official-looking warning screen from "Windows Web Security" that was claiming to find trojans, etc., on the "C:" (sic) hard drive, in folders like WINNT, etc.

My daughter freaked out a bit, but did exactly the right thing and called me upstairs. I told her we were in no danger -- it's Ubuntu ONLY and we don't have a C: drive, etc. I assume that the science site was hacked and that the malware executed a script within Firefox, but no actual virus could have been loaded (she doesn't have admin privileges) and it would be incompatible with Linux's file system and Operating System anyway. (But we cleared all of her browser history, cookies, etc., anyway.)

We also had a good laugh at the broken English warnings from the rogue anti-spyware!

I've linked a couple screen shots for the humor value. If I'm wrong about anything, please let me know!




Posted Image



Posted Image

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:06 PM

Posted 28 October 2010 - 06:22 PM

Report it to the Site Administrator/Webmaster via the following:

Contact Us
Online Technical Support

> Email: support@factsonfile.com
> Phone: 1-800-322-8755 x. 4230

Online Sales Support

> Email: onlinesales@factsonfile.com
> Phone: 1-800-322-8755

#3 Capn Easy

Capn Easy
  • Topic Starter

  • Members
  • 597 posts
  • OFFLINE
  •  
  • Location:New Jersey
  • Local time:01:06 PM

Posted 28 October 2010 - 06:26 PM

Already on it. :thumbsup:

Also, since it was for a school paper and the link was on a school resource site, I've told her to notify her teacher. Other kids, using the popular brand of OS, could have been hit already.

Edited by Capn Easy, 28 October 2010 - 06:29 PM.


#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:06 PM

Posted 28 October 2010 - 06:30 PM

Awesome work, and keep it up.

#5 buddy215

buddy215

  • Moderator
  • 13,516 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:06 AM

Posted 29 October 2010 - 02:09 PM

Thanks Capn Easy!
Good selling point for Ubuntu and instructive, too. Already sent this to other Ubuntu users.

While NoScript would have blocked the malware, I have found that many users, especially the younger
ones, will not use it properly and just choose to allow scripts globally. Your post will help to convince
them to do otherwise. Hopefully.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 pacificdenizen

pacificdenizen

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:06 PM

Posted 30 May 2011 - 08:27 PM

That is absolutely marvelous. :) You taught her well, too.

I will have to think about this.

#7 NFD

NFD

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:06 AM

Posted 20 June 2011 - 12:22 AM

Heh. When I was about 6 a similar thing happened on an Ubuntu box I was using. I raised an eyebrow and killed the browser. (I guess that shows that I'm still a nerd today.)
I've heard of sites serving rogues in both Mac and Windows flavors through user agent sniffing. I wonder if any malware writers would even offhandedly think that this could happen, or even consider an "odd user agent" option. I hope they don't.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users