Something nasty in my tech preview

simrick · 10 Oct 2015

ije71 said:

There is no need to install any software or run any scans with these things, simply ctrl alt del and end edge browser, open word pad and type Google or any other web address, click on it and when asked if you want to open the link click yes and edge will open on the address you typed and you can now take pleasure in killing the offending tab.:)

Well, that may solve the problem of opening the browser, but you really have no idea what was "dropped" on the computer during the attack, so I think scans are an important part of this.

ije71 · 12 Oct 2015

simrick said:

Well, that may solve the problem of opening the browser, but you really have no idea what was "dropped" on the computer during the attack, so I think scans are an important part of this.

Nothing is "dropped", its just a script from an advertisement. It's also a bit difficult to install adwcleaner, Malwarebytes, hitman pro ect. on the affected system when they don't have access to the browser on that system. This gives them their browser back to install as may cleaners as they like so feel free to scan away, better safe than sorry I suppose but if it was clean before it will be clean after.

simrick · 12 Oct 2015

ije71 said:

Nothing is "dropped", its just a script from an advertisement. It's also a bit difficult to install adwcleaner, Malwarebytes, hitman pro ect. on the affected system when they don't have access to the browser on that system. This gives them their browser back to install as may cleaners as they like so feel free to scan away, better safe than sorry I suppose but if it was clean before it will be clean after.

Sorry, but I disagree. Matter of fact, I have personally cleaned computers infected by malicious ads.

https://en.wikipedia.org/wiki/Malvertising

Malvertising is a fairly new concept for spreading malware and is even harder to combat because it can work its way into a webpage and spread through a system unknowingly: "The interesting thing about infections delivered through malvertising is that it does not require any user action (like clicking) to compromise the system and it does not exploit any vulnerabilities on the website or the server it is hosted from... infections delivered through malvertising silently travel through Web page advertisements." ^[7] It is able to expose millions of users to malware, even the most cautious, and is growing rapidly: "In 2012, it was estimated nearly 10 billion ad impressions were compromised by malvertising." ^[2] Attackers have a very wide reach and are able to deliver these attacks easily through advertisement networks. Companies and websites have had difficulty diminishing the number of malvertising attacks, which "suggests that this attack vector isn’t likely to disappear soon." ^[6]