Bogus Web pages

Alphax alphasigmax at gmail.com
Tue Dec 5 13:59:39 CST 2006 

paul wrote:
> Brian wrote:
> 
>> Have others been coping a lot of problematic web pages recently. I
>> am coming across a lot wanting to scan my browser or scan my system
>> for one thing or another. They seem to be triggered by a page that
>> was inadvertently visited for a news item or google search. It
>> reminds me of the bad days of Windows when nag screens were
>> everywhere. In Opera for example they seem to load a page in the
>> background. When I hit the appropriate tab - there it is staring at
>> me.
>> 
>> This was one - part address only http://www.systemdoctor.com -- 
>> Powered by Suse Linux 9.2
> 
> Yep! This is a very disinegenuous page that would trick/scare new
> computer users:
> 
> http://www.amaena.com/securityworm81/?p=4&ax=1&ex=1&h=10&aid=tram
> 
> or
> 
> http://www.amaena.com/securityworm81/
> 

Huh, it resized Firefox for me.

> A window.onunload handler in
> http://www.amaena.com/securityworm81/functions.js.php alerts the
> following no matter what OS is in use:
> 
> function OnUnloadHandler() { bResult = confirm('NOTICE: You have not
> completed the scan.   There is a security vulnerability from the
> Serwab.  We recommend you DOWNLOAD one of the security software
> programs to prevent malware infections'); }
> 
> An .exe file is then pushed to the user after the above scarey
> message so they have little choice (so they think) but to download
> it:
> 
> http://www.amaena.com/securityworm81/download.php
> 

I didn't get any popups from it...

> Although this is simply a website popping up a fictional bogey man a
> lot of people would think their computer is warning them about some
> kind of imminent threat.
> 
> Dodgey!
> 

Reported to Google's "safe browsing for Firefox" thingy, which replied:

> Thanks for sending a report to Google. Now that you've done your good
> deed for the day, feel free to:
> 
> 1. Take a second to rejoice merrily for doing your part in making the
> web a safer place.
> 
> 2. Call/email/write to a neighbor/friend/relative and tell them what
> phishing is and how they can protect themselves.

... and so it goes on.

-- 
                Alphax
        Death to all fanatics!
  Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 569 bytes
Desc: OpenPGP digital signature
Url : http://www.linuxsa.org.au/pipermail/linuxsa/attachments/20061205/7b0ab865/signature.bin

More information about the linuxsa mailing list