
web based malware vectors.

Yesterday I had a visit from a childhood friend. During the visit I wanted to give him an idea of why Flash-based web chat services can be inefficient for a large number of simultaneous users while chatting. Before I could get into my example, the Userplane chat room I entered sent the following message:


It says "Warning! Your PC is at risk of virus and malware attack. Your system requires immediate check! System security will perform a quick and free scan of your PC for viruses and malicious programs." followed by an OK button as shown. Well, my years using computers and warning people of the dangers of Trojan-horse-like messages from web pages prompting users to run scans quickly told me this was a false message provided by some script embedded into the Userplane room I was in, and triggered by my attempt to send a message into the room. This is really bad news for Userplane, as it means the public rooms on its service have been compromised by malicious code creators and are being used as a vector for attack.

Knowing what usually happens if one is to press the 'ok' button shown above, I immediately made my way for the "x" to close the window, and that was followed by a new message over the old one as shown below:

Double the fun! This message attempts to admonish the user against closing the window without running the supposed "cleansing" scan. Of course, it is simply the malware trying to get you to click one of its buttons so that you can be redirected to whatever page, or initiate the download of whatever malware, it really wants you to see. Since I could not close the window (and Firefox has no method for terminating specific subwindows), I had to close Firefox by using the Windows process tree to kill the process.

This is a very ominous attack vector that tries really hard to get you to press its buttons and download the supposed cleaning software. I'd imagine most of the people who use Userplane for casual chatting have no idea of the possibility of a malware script being embedded in the chat room page. This makes such chat rooms significantly more dangerous than chat rooms accessed from standalone chat clients like Yahoo Messenger or MSN Messenger, which, lacking control of the actual UI through embedded scripts (though they used to be rampant 10 years ago), are no longer able to send false messages that appear to look like standard Windows prompts.

I was curious to see if there was anything about this attack vector on Google and searched "userplane chat malware". I found the following SiteAdvisor summary of the site.

http://www.siteadvisor.com/sites/userplane.com/summary/

The user comment by "art" posted on 3/30/2006 indicates that a Userplane advertisement from "ErrorSafe" seems to prompt messages to install its software. I don't know if the messages I captured are from ErrorSafe, but judging by the way they completely interrupted the chat experience, I doubt Userplane would allow code in the advertisements that interrupts the user's experience so completely. However, who knows... AOL (owner of Userplane) is pretty hard up for advertising revenue with their recent troubles.
