Antivirus XP 2010 -- a gift from Flash Ads

[garretthylltun]

Regardless of what security measures take on computers, if they are using MSIE, Opera or Chrome, they will get hit with this shit! The only way I've been able to get people to avoid it is by using Firefox or a Mozilla variant that has the ability to install the addon "NoScript".

If you think you're pro or leet and continue to use one of those browsers, then you're just asking to take it up the ass. Worse yet, is if you continue to let your friends and family use one of these browsers, then you must really hate your friends and family.

[GWarner]

I have never heard about google ads containing viruses... And they are very careful with which ads they allow, so until I hear other reports about this I will have a hard time believing you.

Not me. Google can be as careful as they want, all it would take is for a hacker to break into an ad service and replace several legitimate clean ads with his virus laden scareware crap and then sit back and watch the money roll in.

I'd disable all scripts as that seems to be the primary weakness these creeps use, but with my vision problems I do most of my shopping on line and most if not all shopping site require at least JavaScript be enabled to work properley.

[blueznl]

NoScript thus far kept most out.

I just noticed the other day how my kid was using my wife's laptop, playing a few flash games. When I shut down the machine I spotted a pop-under window, showing a winding... 'run as other user' trying to install something (but alas it didn't manage to as I've severely restricted their rights)... It launched that THROUGH AN ADD.

Sigh.

Amazingly, my wife (being chinese) visits lots of 'funky chinese websites' (hey, I cannot read a single word of Chinese, so they're all funky to me ) but never managed to get the machine infected. She's logging in with user rights, no supervisor rights whatsoever, and mostly uses FireFox (but sometimes IE for a few sites that won't work on FireFox).

I'm not using NoScript on that machine, and only used 'SypBot SD' to immunize it somewhat. It's using Windows Firewall and Microsoft Security Essentials.

I've checked the machine on an infrequent basis using Malware Bytes, SuperAntiSpyware, Spyware Doctor, SpyBot, Avira Antivir, and some other things, and thus far it never got infected...

Sometimes it makes me wonder how other people do get infected...

[Joakim Christiansen]

Google can be as careful as they want, all it would take is for a hacker to break into an ad service and replace several legitimate clean ads with his virus laden scareware crap and then sit back and watch the money roll in.

In movies yes... but in the real world hacking something like that (Google) can be very hard or even near impossible. I will sure raise an eyebrow the day a Google service is taken over by a hacker. Sure "anything" could happen, but it is not very likely. If we follow that way of thinking we could also say that at any time a hacker could take over the Windows Update servers and send out malicious updates to millions of computers in a day or so.

[Spaceman Spiff]

I have seen something like this happen where I work, it was flash based but I am of the opinion that the malicious code was probably dropped on to the flash code after it left google and before it went to my bosses computer!

I mean there are a lot of links in any chain, no?

[c4s]

@ Google Ads serving malware
Last week several (big!) german news sites had ads with malicious code in it so it's not that rare.

[srod]

Vista standard user account + UAC + Windows defender + Windows firewall + AVG + careful about which websites I visit... no problems whatsoever.

The only virus I have ever contracted (which did force a complete wipe of the system) occurred whilst I was browsing under an admin account and with UAC turned off. In short, my own stupid fault really.

I had a friend who passed me a laptop which had been infected with something very similar to AV, damn think locked the whole system up whilst bombarding the user with spoof virus alerts. It was quite easy to remove though thanks to a bit of PB code and a MS utility (Autoruns).

[KJ67]

It's very hard to keep everything secure, even just a small Flash can execute some payload on your system.
A few days ago Flash was updated due to a severe problem, ses APSB10-06.
It's almost impossible to protect against all 0-day breaches, even worst since MS & Adobe often waits weeks-Mouths to fix them.

Anyhow;
Firefox with Adblocker and NoScript is a good start after you get the basics (AntiVirus, non-admin account etc.)....

[GWarner]

In movies yes... but in the real world hacking something like that (Google) can be very hard or even near impossible.

It doesn't have to be a Google owned or controlled server.

It wouldn't surprise me if a percentage of the ads Google distributes, isn't on their servers but is on servers owned and operated by 3rd parties. How secure are they?

You need to stop this Google centric tunnel vision and consider the broader picture that the Internet is made up of lots of computers and that the content Google delivers doesn't necessarily have to come from servers they own or operate.

[UserOfPure]

I've never understood the love of NoScript. Makes the net totally unusable for me. Every site I use, needs scripts -- even these forums. Why would I want to disable that, or put up with whitelisting every favorite site? And for visiting new sites, with NoScript running you won't always see the site as it's meant to be, so you need to disable NoScript to see it, and therefore risk any malicious scripts thereon; thus, NoScript is a total and utter waste of time.

[c4s]

@ UserOfPure
Somehow I'm feeling the same: It slows your "internet experience" down and nearly all websites need scripts...
Anyway I'm using still it with scripts always enabled because it has some other security features and I'm feeling safer than without it - don't know if it's useless...well I already had some cross site scripting warnings etc.

[Joakim Christiansen]

UserOfPure:
I too agree with you, almost every website needs javascript enabled these days. I use Firefox and I have never ever had any viruses though I browse the web all day...
Javascripts themselves or Flash for that sake can never do anything harmful to your computer, it's when people miss use security holes in these technologies (like buffer overflows and such) they are able to run harmful code. And even the html parser of your browser (any browser) might have security holes as well.

One can probably never be 100 percent safe (even with NoScript); but security holes in browsers are mostly fixed fast and it's getting harder and harder each day to find them. The best thing people can do is to get themselves a good antivirus program to detect these things before they have a chance to execute.