Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
danielhday

Weirdest thing a website has downloaded to your computer

Recommended Posts

I browsed through many websites in my lifetime. Some of them were suspicious, and downloaded suspicious files alongside what I wanted to download. Others were "safe" but downloaded harmful files without my permission (files worse than the ones on the suspicious websites. (adobe flash player))

     Not too long ago, I was browsing through ASCII art websites. When I entered this one ASCII site, it downloaded a file to my computer without my permission. This file was a midi. The midi was named "Tequila". And of course, it was a midi cover of the song "Tequila" by The Champs. That ASCII website had absolutely nothing related The Champs or songs. But tequila is also an alcoholic beverage, and the art in that site was beverage related. I guess that is why I got a midi of "Tequila". 

 

Share this post


Link to post
1 hour ago, danielhday said:

websites ... downloaded ... files ... without my permission

You should never ever ever ever allow this to happen. Something is badly wrong if it does.

Share this post


Link to post

Kinda related, I keep seeing an .xpi file appear in my Temp folder in AppData randomly. I think uBlock is doing it but I'm not sure.

Share this post


Link to post

I know imgur has ads that keep hijacking the browser to tell me it needs a javascript update that pops up. I'm fine with seeing ads, but that in particular feels like a great reason to use adblock.

Share this post


Link to post

One time I was screwing around on a throwaway VM trying to find some obscure file on shady af sites, but quickly noped out and force shut the VM down when a drive-by-downloaded file with a .rar.png extension leaked into my main and triggered an alert in my AV. That was fun.

Share this post


Link to post
5 hours ago, Grazza said:

You should never ever ever ever allow this to happen. Something is badly wrong if it does.

Just like everything security-related, preventing drive-by downloads is a constant arms-race between those that have a vested interest in them occurring, and those patching security holes. Even if existing ones are patched, with new browsers and new extensions/technologies, others will open. Hell, we're almost in 2018 and still there's no definitive way for preventing unwanted popups. Pop-Up blockers exist, sure, but so do pop-up blocker workarounds, and counters against those workarounds, and counter-counters etc.

 

As I said before, it's an ongoing arms-race. It wasn't until 2016-2017 that most browsers added a way to prevent at least Javascript dialog popups, with a checkbox to prevent further ones from a specifc page, and a keyboard shortcut (ESC) to close them when a page tried to hide the "OK" button from the user with a wall of ominous/threatening text ("YOUR COMPUTER HAS BEEN LOCKED * YOUR COMPUTER HAS BEEN LOCKED" etc.).

 

Looots of fun with the ambiguous "Leave this page", "Stay on this page", etc. dialogs ;-) I think it was on 2015 or so when FINALLY, browsers disabled the ability for user code to modify the text on these buttons, which were used to con/threaten users into not leaving some shitty scammer's page.

Edited by Maes

Share this post


Link to post
3 hours ago, 129thVisplane said:

One time I was screwing around on a throwaway VM trying to find some obscure file on shady af sites, but quickly noped out and force shut the VM down when a drive-by-downloaded file with a .rar.png extension leaked into my main and triggered an alert in my AV. That was fun.

I've always wanted to do some malware analysis, but this is my #1 fear. 

Share this post


Link to post

Funnily enough, some (most?) malware has safeguards against running inside VMs, exactly to prevent being analyzed, so that would make VMs, in theory, the safest choice for executing pretty much anything. If one takes this reasoning further though, what prevents the "real" OS than posing as a VM, in order to shut down some malware? And, on the converse, what if malware authors reason that this precaution isn't worth the loss of potential victims, and abandon it altogether?

 

Now, if some went even beyond that and managed to "punch through" VMs, well, hats off. O_o

 

Edit: well, apparently there is malware that can not only detect it's running inside a VM, but also exploit specific vulnerabilities and "break free", rather than trying to keep "under the radar".

 

https://security.stackexchange.com/questions/9011/does-a-virtual-machine-stop-malware-from-doing-harm

 

Arms race, as I said. Still, it's amazing the lengths malware authors will go in order to make your day miserable, although making particularly obvious/destructive malware like the viruses of yore is not the primary goal today: it's more about spreading silently, securing your grip on the system and gaining control on demand.

Edited by Maes

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×