Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can you get a virus just by clicking a link/image?


  • Please log in to reply
8 replies to this topic

#1 DaViD_MiLLs

DaViD_MiLLs

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:08 PM

Posted 20 July 2011 - 09:00 AM

I have been told several things by many different people and I just want to know the truth. I've been told that you cannot get a virus/malware/spyware just by clicking on a link or image, it always needs permission to download(they even go as far as to say you don't need any antivirus because of this). I have also been told that if you click on a link or image, you will get the virus in some cases, meaning the virus does not need permission, it will auto download and you're infected.

I clean computers every day and regularly have customers come in who claim they did nothing but click a link and have become infected. Sometimes it's email or Facebook links. Other times it's just random websites they happen to click on.

So the question is, can you in fact get a virus/malware/spyware from only clicking on a link?

Thanks in advance for the replies.

BC AdBot (Login to Remove)

 


#2 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:09:08 PM

Posted 20 July 2011 - 09:20 AM

If the software on the machine isn't fully patched, then yes, you definitely can.

Even if you're fully patched there are threats that surface for which patches have not yet been written.

The number one way to protect yourself is to practice safe browsing habits.

Google "image poisoning". . . that should shed some light on how clicking an image can result in infection.

Hope that helps,

~Blade

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#3 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:08 AM

Posted 20 July 2011 - 09:41 AM

So the question is, can you in fact get a virus/malware/spyware from only clicking on a link?


Short answer: yes.

Longer explanation: it is not the link itself that can infect your computer, but it's actually the content that is downloaded and rendered from said link that can infect your computer.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#4 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:08:08 PM

Posted 20 July 2011 - 11:20 AM

You can also get an infection from a malicious ad on a legit website. And drive by infections are especially common on Facebook which is why I stay away from it.

#5 DaViD_MiLLs

DaViD_MiLLs
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:08 PM

Posted 20 July 2011 - 08:12 PM

Ok. Thanks for the replies.

Blade, when you talk about the software 'being fully patched' you're talking about everything being up to date and it's most secure, right? Like if you're running Adobe Reader 9 instead of the most up to date version, a bug could slip through because it's has security issues? Same with antivirus programs and everything thing else with the ability to be compromised?

So if a user is running a Norton AV that the subscription has run out on and they just ignore the request to update(resubscribe), just clicking on a link can infect them, without any prompting for downloads or approval?

Didier, thanks for the response. I do understand it's not the link itself. I often click on links that prompt me to download or install fake antivirus/malicious software/spyware though I never allow them to do so.

Frank, I have never gotten into Facebook, but I know a lot of people get infected from Facebook. I do understand what you're saying about legit websites/programs and the hidden content being possibly malicious as well as 'drive by' attacks.

Thanks again for the responses.

#6 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:08:08 PM

Posted 21 July 2011 - 11:14 AM

Even if a user has an active firewall and anti virus, they can't prevent a virus from users who mindlessly click on every link that is emailed to them or sent to them by Facebook or Twitter. At some point, users have to show some common sense and be more vigilant. If I get sent a link by Twitter and I don't know the person, I don't click on it. I check their profile and report it if it's a spam account. You can't protect users who refuse to learn.

#7 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:09:08 PM

Posted 21 July 2011 - 04:24 PM

Ok. Thanks for the replies.

Blade, when you talk about the software 'being fully patched' you're talking about everything being up to date and it's most secure, right? Like if you're running Adobe Reader 9 instead of the most up to date version, a bug could slip through because it's has security issues? Same with antivirus programs and everything thing else with the ability to be compromised?


Correct :)

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#8 Patience Limited

Patience Limited

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:08 PM

Posted 21 July 2011 - 08:45 PM

Yes, you can get a virus just by clicking a link or linked image, especially with older Windows operating systems and older browser versions.

Most websites use JavaScript, Flash or ActiveX components to display page elements, read form input, launch pop-up windows or perform other actions. These packages have the ability to do most of the things a native executable program can do - write files to your drive, download content from other locations, and so on.

Even though computer operating systems place limits on what programs can do without specific user intervention and where they can write data, there are always holes in this security. Most of these vulnerabilities are discovered eventually by vendors, security "white hats" or malicious "black hats". Vendors may provide updated versions to secure these vulnerabilities, but users often fail to run updates...

The above is true regardless of which operating system you're using. Windows 7, Mac and Linux are exposed to the same malicious site code as older Windows versions, but the underlying operating systems have fewer exploited vulnerabilities.

Many holes don't get patched before malware writers exploit them, so websites are an ideal way to expose thousands or millions of potentially vulnerable computers to infection. This malware distribution model is so effective that popular legitimate sites (MSNBC and the New York Times are recent examples) and advertising distributors have been repeatedly hacked to insert malicious code.

If your browser doesn't have the correct limits on what scripts and plug-ins can do, and your operating system is vulnerable, a website with malicious code can initiate a malware download and installation onto your computer without any other intervention. When you click on a link in HTML e-mail, your browser attempts to load that site and runs any scripts specified in its code just as if you had entered the URL in an open browser window.

Google Chrome 12, Firefox 5 and Internet Explorer 9 browser versions "sandbox" running scripts to help ensure that any changes they make are temporary and erased when the browser closes - everyone should upgrade to one of these browsers.

#9 DaViD_MiLLs

DaViD_MiLLs
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:08 PM

Posted 26 July 2011 - 08:49 AM


Ok. Thanks for the replies.

Blade, when you talk about the software 'being fully patched' you're talking about everything being up to date and it's most secure, right? Like if you're running Adobe Reader 9 instead of the most up to date version, a bug could slip through because it's has security issues? Same with antivirus programs and everything thing else with the ability to be compromised?


Correct :)


Thanks.

Patience, that is exactly what I was looking for. Thanks for the post.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users