Results 1 to 4 of 4

Thread: Huge spyware threat on all browsers using sun java found!!!!

  1. #1
    Precision Processor Super Moderator egghead's Avatar
    Join Date
    May 2002
    Location
    In Your Monitor
    Posts
    3,546

    Huge spyware threat on all browsers using sun java found!!!!

    What if there was an infection out there that could bypass Firefox and still get its grubby little paws on IE, and from there, the heart of your OS? What if that same infection could get past not only FF, but a whole raft of other (supposedly more secure) browsers too?

    What if, of all people, Neil Diamond was indirectly involved in this craziness?

    Unfortunately, this has now become a reality and woe betide anyone looking for lyrics from Neil's latest hit. You're more likely to end up with a nasty case of browseritis. After hearing rumours of a Firefox Adware bundle from this thread, I thought I'd go check it out. The results were, as they say, a right kick in the pants.

    But how could this happen?

    The answer is, some sneaky coding is being used to get around your browser of choice. Upon visiting the target website, nothing happens. Nothing that is, unless you have Sun Java Runtime Environment installed on the host machine. And seeing how everyone is being urged to turn away from Microsoft's Java in favour of Sun's version, this could spell problems for browsers currently lording it over IE.

    Think you're safe because you're not actually using IE? Think you're safe because you have IE locked down tight with HOST files, Spywareblaster and the inbuilt security settings cranked up to the max? Wrong. This is a shot of IE with the infection domain already added to the "Restricted Sites" zone in Internet Options. Note the "ironic" affiliate banner for Firefox.

    http://www.vitalsecurity.org/2005/03...nfects-ie.html


    OMG
    egghead


    ------------------------------------------------------------



  2. #2
    Titanium Member
    Join Date
    Jul 2002
    Location
    blk helo target, WA
    Posts
    3,536
    I do not have java enabled.

    *edit - what's the big deal? It pops up a dialog asking for permission - unlike that classloader trojan. Just say no.
    Last edited by lynchknot; March 12th, 2005 at 19:39 PM.

  3. #3
    Precision Processor Super Moderator egghead's Avatar
    Join Date
    May 2002
    Location
    In Your Monitor
    Posts
    3,546
    Quote Originally Posted by lynchknot
    I do not have java enabled.

    *edit - what's the big deal? It pops up a dialog asking for permission - unlike that classloader trojan. Just say no.
    yep

    the article wording was missleading

    i feel better knowing you get a prompt.
    ------------------------------------------------------------



  4. #4
    Titanium Member
    Join Date
    Jul 2002
    Location
    blk helo target, WA
    Posts
    3,536
    my dear watson, please deduce:

    It pops up a dialog asking for permission - unlike that classloader trojan.
    as for intricate details, I don't know.
    Last edited by lynchknot; March 14th, 2005 at 18:09 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •