Caution Fake Banners on Trusted Sites

Feel free to talk about anything and everything in this board.
Headline back 2
    1,946
    views
    6
    replies
    Last post ago about 6 years by Imagin.ation
    Putting on lipstick emoticon 1

    Lipstick

      admin
    • female
    • offline
    • 6795
      thanks given
    • 10281
      thanks received
    • Started by
      admin
      12,318
    • last active 4 hrs ago

    Readers of this topic also read:

    Please or register to post or comment.
      • Putting on lipstick emoticon 1

        Lipstick

          admin
        • female
        • offline
        • 6795
          thanks given
        • 10281
          thanks received
        • Started by
          admin
          12,318
        • last active 4 hrs ago

        Thanks for this post from:

        • No avatar small
        • Avatar 10386
        • No avatar small
        • Index
        • Avatar 24465
        • A dog    by inthewoods666
        • Img 20160318 141312
        • No avatar small
        Hiya Members,

        Came across this and wanted to warn members:

        Security Operations is observing an aggressive FakeAV/RogueWare installation campaign utilizing banner ads on trusted websites.  Some of the sites currently serving this malicious software include msnbc.com, youtube.com, and bing.com.

        The Perimeter Security Operations Center has recently discovered that upon visiting these sites you may be presented with either a fake Adobe Reader 8 Install prompt or a Microsoft Security Essentials "Infection Found" pop-up window.  Neither of these are legitimate.

        This ad based drive-by download presents itself as ThinkPoint.  The file may use a legitimate name such as hotfix.exe or mstsc.exe and is saved to a temp directory.  It then picks out random files, claims they are infected and forces you to "clean" these false threats.  ThinkPoint will state that you need a heuristic program to fix the problems and offers to sell one for $99.90.  Do not purchase ThinkPoint; this program is fraudulent.

        Antiviruses may detect this as FakeAV, FakeAlert, or a generic Trojan.  A full list can be found here:

        http://www.virustotal.com/file-scan/report.html?id=c049d274905ac80c9377e1cb0c291a5e67c33876ce256454db29dea953e44e4a-1287696527

        Screenshots of the infection in progress:





        There is a surprising lack of information about this trojan variant, considering how popular the sites are that are helping spread it.  We have found one reputable antivirus vendor with insight:

        http://www.f-secure.com/weblog/archives/00002053.html

        For Perimeter's ITC customers we have added a Null Route to blacklist the IP address of the domain actually serving the malware.  The advertising domain has also been submitted to Fortinet to be recategorized as Malware until this issue can be resolved by the primary domains using the advertisements.

        For customer's using Fortigates, additional steps of preventing this kind of infection include subscribing to Web Content Filtering while blocking the Advertising and Unrated categories, and subscribing to network Antivirus with download of Executables blocked.

        Lips
      • No avatar normal

        Imagin.ation

          Mighty! Member
        • female
        • offline
        Use Your Imagination
        Crazical Imaginical
        • 1789
          thanks given
        • 1199
          thanks received
        • Replied by
          Mighty! Member
          4,841
        • last active about 1 month ago
        Thank you Lips, i come across these kinds of things all the time, sometimes almost being stuck, you click "exit" or the X and it still takes you to the program, it's like you are stuck in the programs twilight zone, it can also get tricky with a question like, "if you would like to install this program click exit" if anyone has ever noticed that, when these pop-ups happen we quickly click the X or Exit.. Either way clicking exit or okay does not exit the program but takes you further, so keep an eye on that.. sometimes you have to use Ctl Alt Del to get out of them..  I have a good anti-virus protection on my PC so far so good it's kept these types of things happening, I really appreciate that you brought this to attention, they can be so frustrating
      • Putting on lipstick emoticon 1

        Lipstick

          admin
        • female
        • offline
        • 6795
          thanks given
        • 10281
          thanks received
        • Replied by
          admin
          12,318
        • last active 4 hrs ago
        Hi Imagin,

        I have had the same problems with trying to "X" off. I was told to never attempt to even x off. That by even doing that can be part of the process to download the virus. If you see a message pop up and you are uncertain, alt, ctrl and delete the page you are on or shut down puter all together and it should disappear.

        Lips
      • Images

        Cat50

        • Superstar Member
        • female
        • online

         spin time

        • 4102
          thanks given
        • 2445
          thanks received
        • Replied by
          Superstar Member
          6,152
        • online
        thanks for the warning about 2 months ago i had to put my pc in the shop to get fixed because of a similar virus please guys take heed 
      • No avatar normal

        Tirilej

          Sr. Member
        • female
        • offline
        • 90
          thanks given
        • 83
          thanks received
        • Replied by
          Sr. Member
          311
        • last active 3 months ago
        I have had some other malware the last two weeks, and how much I delete it with an anti-malwareprogram it keeps coming back. It is an add for casinos and it only pop up when I get into gamblingforums. So I don't know what to do. I don't think it is dangerous but it bothers me.
      • No avatar normal

        Imagin.ation

          Mighty! Member
        • female
        • offline
        Use Your Imagination
        Crazical Imaginical
        • 1789
          thanks given
        • 1199
          thanks received
        • Replied by
          Mighty! Member
          4,841
        • last active about 1 month ago
        a good anti-virus protection can help you, i have mcafee which comes free with my cable company with this program i never have probelms, it blocks everything, find a program that blocks pop-ups usually they are called anti-spy ware you can maybe google a free one, but you have to be careful with these as well, because those programs can have the malware and spy-ware themselves, the 2 that i have used in the past are AVG and Ad-Aware, those seem to have worked for me before i had mcafee

        this link is just a google link with a list of good ones you can choose from if you don't have one, i have used Ad-Aware in the past, just make sure you read them over before downloading

        http://www.google.com/search?q=free+anti+spy+ware+program&rls=com.microsoft:en-us:IE-SearchBox&ie=UTF-8&oe=UTF-8&sourceid=ie7&rlz=1I7ADFA_en

      lcb activities in the last 24 hours

      • 35
        new members
      • 652
        members online
      • 13074
        guests online
      • 153
        new posts
      • 5274
        free games played
      Join the club

      Most viewed forum posts

      Join today and start earning rewards

      You will immediately get full access to our online casino forum/chat plus receive our newsletter with news & exclusive bonuses every month.
      S logo
      Select Language
      Search
      Search Results

      Report to moderator

      Use this function to inform the moderators and administrator of an abusive or wrongly posted message.

      Please note that your email address will be revealed to the moderators if you use this

      Submit
      39012170