
Websites with nasty stuff


11 replies to this topic

#1 johnsig

johnsig

  • Members
  • 95 posts
  • OFFLINE
  • Local time:03:49 AM

Posted 19 January 2017 - 03:46 PM

I frequent the website:

https://www.batmanstream.com/other-live-streaming-video-7.html

primarily to follow broadcasts of professional snooker not available in the US.

This site seems innocent enough and lists links that take you to the content you desire.

 

An example is

live.robinwidget.com  (Warning: Open this at your own risk)

 

This site assails you with popups, the most common telling you to update flash to be able to watch.  In the past I have been able to safely ignore these and watch my snooker.  Lately the site occasionally breaks in with the warning from Microsoft that it has detected a virus and is locking my computer to prevent its spread. I then have to shut the browser completely down, sometimes by restarting the computer.  To my knowledge this has never actually resulted in a virus and I normally can return to watching after reopening the browser.

 

Is there a way to defend against this, or am I just courting trouble by visiting?


Edited by johnsig, 19 January 2017 - 05:20 PM.




#2 Viper_Security

Viper_Security

  • Members
  • 826 posts
  • OFFLINE
  • Gender:Male
  • Location:127.0.0.1
  • Local time:12:49 AM

Posted 19 January 2017 - 03:51 PM

You could use AdBlock Plus. Then block Pop-Ups.

 

That "message" from Microsoft was not from Microsoft; they don't care if you're infected or not. It was a scam attempt by a redirect.

 

Do NOT download the Flash it tells you to; it will be malware/virus.

 

The safest way.. avoid the website.  

 

Also, if that link is potentially malicious, I recommend removing the hyperlink or changing it so it's not an actual link; some users may be infected by clicking that link.


Edited by Viper_Security, 19 January 2017 - 03:53 PM.

    IT Auditor & Security Professional



#3 shelf life

shelf life

  • Malware Response Team
  • 2,653 posts
  • OFFLINE
  • Gender:Male
  • Location:@localhost
  • Local time:03:49 AM

Posted 19 January 2017 - 05:06 PM

Don't know what browser you use, but one of my favorite addons in Firefox is Request Policy, which allows you to control cross-site requests. Great for cleaning up those annoying web pages.


How Can I Reduce My Risk to Malware?


#4 johnsig

johnsig
  • Topic Starter

  • Members
  • 95 posts
  • OFFLINE
  • Local time:03:49 AM

Posted 19 January 2017 - 05:21 PM

I use mostly Firefox and will try that.



#5 Viper_Security

Viper_Security

  • Members
  • 826 posts
  • OFFLINE
  • Gender:Male
  • Location:127.0.0.1
  • Local time:12:49 AM

Posted 19 January 2017 - 05:40 PM

Like shelf life, I use some addons to help; Ghostery is another useful one.


    IT Auditor & Security Professional



#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  • Gender:Male
  • Local time:09:49 AM

Posted 19 January 2017 - 06:40 PM

What browser are you using?

 

I went to the website in a VM with IE and Chrome, and I get all kinds of ads and pop-ups, but no downloads for Flash.

Unless you need to register? When I clicked on "download extension", I need to register. I tried that with a throwaway e-mail address, but then it asks for a credit card.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 Viper_Security

Viper_Security

  • Members
  • 826 posts
  • OFFLINE
  • Gender:Male
  • Location:127.0.0.1
  • Local time:12:49 AM

Posted 19 January 2017 - 06:49 PM

> What browser are you using?
>
> I went to the website in a VM with IE and Chrome, and I get all kinds of ads and pop-ups, but no downloads for Flash.
>
> Unless you need to register? When I clicked on "download extension", I need to register. I tried that with a throwaway e-mail address, but then it asks for a credit card.

I've tried with Vivaldi, Chrome, and Firefox. Nothing happened, but a video started loading (pool, I believe).

 

But I am on Linux, with AdBlockPlus and Ghostery.

 

Maybe it recognizes your user agent and that you're on Windows?


    IT Auditor & Security Professional



#8 johnsig

johnsig
  • Topic Starter

  • Members
  • 95 posts
  • OFFLINE
  • Local time:03:49 AM

Posted 19 January 2017 - 07:08 PM

Gratified at the response. I access with both Firefox and IE and get similar results with both. Snooker matches are scheduled for the next 3 days at 08:00 and 14:00 EST.  It will look like pool to the uninitiated.



#9 Viper_Security

Viper_Security

  • Members
  • 826 posts
  • OFFLINE
  • Gender:Male
  • Location:127.0.0.1
  • Local time:12:49 AM

Posted 19 January 2017 - 07:18 PM

> Gratified at the response. I access with both Firefox and IE and get similar results with both. Snooker matches are scheduled for the next 3 days at 08:00 and 14:00 EST.  It will look like pool to the uninitiated.

Haha, I wasn't sure what the site did, so I only let it open for a few seconds; all I saw was what seemed to be a "pool cue", haha.

 

I will test this site on a Windows machine once I get to one.


    IT Auditor & Security Professional



#10 johnsig

johnsig
  • Topic Starter

  • Members
  • 95 posts
  • OFFLINE
  • Local time:03:49 AM

Posted 20 January 2017 - 09:49 AM

Request Policy won't even let me click through to the snooker unless I disable it.  Adblock seems to be working nicely, don't know why I didn't try that before.



#11 HolyCowz

HolyCowz

  • Members
  • 168 posts
  • OFFLINE
  • Gender:Male
  • Location:GMT
  • Local time:08:49 AM

Posted 20 January 2017 - 02:03 PM

I went to the site and got no pop-ups. I'm on Windows 10, but it's a weird, low-end site, and to me the name gives it away as a site to avoid; it doesn't feel right. I certainly wouldn't hand over credit card details to batman, lol. The streams are from lots of other sites too.

 

You can watch snooker live on the BBC site, and the other has loads of info; both are legit.

http://www.worldsnooker.com/

 

http://www.bbc.co.uk/sport/snooker


Edited by HolyCowz, 20 January 2017 - 02:05 PM.


#12 johnsig

johnsig
  • Topic Starter

  • Members
  • 95 posts
  • OFFLINE
  • Local time:03:49 AM

Posted 20 January 2017 - 02:52 PM

Thanks but Eurosport, Sky, and the BBC are blocked in the US. I may be the only fan in the country :lmao:
