Hacker Mind Tricks Increasing Malware Downloads
- Thread starter Tom Goldman
- Start date
Exactly what I was going to writeArachon said:
The only difference is the targets; used to be IT personnel in companies, now every dumb person is on the web with their info up for stealz.
I've dealt with this crap before, and will continue to do so, it's what I'm going to college for. Things like this are why I'm stoutly in defense of adblockers and scriptblockers. Find the sites that you know are safe and whitelist them, fuck the rest.
I'd blame human stupidity on this, but really, you get someone worried enough and they start acting in a manner that's a whole lot less sensible.
I'd blame human stupidity on this, but really, you get someone worried enough and they start acting in a manner that's a whole lot less sensible.
If it makes you feel any better they are mostly aimed at pirates, or wannabe pirates, no really...type free games on google on you will find this junk, Also you must understand FREE is an evil word that leads to evil areas, also all piracy websites that are trusted dont use FREE anywhere!
The sneaky ones are the pop-ups that try to keep you on the dodgy site by carefully wording the question.
"Warning! You are about to leave this page. If you want to stay click Yes"
-User attemping to get off the dodgy site doesnt read it, clicks yes and becomes another victim of mind trickery-
"Warning! You are about to leave this page. If you want to stay click Yes"
-User attemping to get off the dodgy site doesnt read it, clicks yes and becomes another victim of mind trickery-
Not absolutely foolproof, but darned effective for most cases:
Install Firefox [http://www.mozilla.com/firefox/].
Install NoScript [http://noscript.net/] and turn it on.
Whitelist only sites you trust. Click only on those Flash blocks you're interested in to let them play. (Extra Credit: [em]Never[/em] enable "facebook.com" or "fbcdn.net" unless you are actually interacting with Facebook.)
Seriously. Even in this age of AJAX-driven sites, there is not and never has been a good reason for any random site to use JavaScript, and certainly no reason for any random site to be importing and running JavaScript from other domains.
And then, unless you need to download Windows bug fixes, never run IE again.
Install Firefox [http://www.mozilla.com/firefox/].
Install NoScript [http://noscript.net/] and turn it on.
Whitelist only sites you trust. Click only on those Flash blocks you're interested in to let them play. (Extra Credit: [em]Never[/em] enable "facebook.com" or "fbcdn.net" unless you are actually interacting with Facebook.)
Seriously. Even in this age of AJAX-driven sites, there is not and never has been a good reason for any random site to use JavaScript, and certainly no reason for any random site to be importing and running JavaScript from other domains.
And then, unless you need to download Windows bug fixes, never run IE again.
I hate how aggressive these malware developers have become in recent years. I could be grabbing a file off of Megaupload or browsing Deviantart, which are mostly trustworthy sites on their own, and suddenly a flash ad will completely hijack my browser. Hitting anything starts downloading crap I don't want, and my only recourse is to cancel my browser process. It gets worse if I had things in other tabs and if I recover my tabs, then I just bring back the malware page along with them. It's a much worse situation than voluntarily giving out personal information/log-in details for *insert website here* to a phishing site.
I wonder what kind of person it is who actually presses the link so that we have to see them all the time.
Most, if not all, of these scams can unfortunately be traced to one source: Adobe Flash. Ever since they decided to turn a simple animation tool into a powerful engine for software development, and make them both use the same file type, people have been using Flash advertising as a way to embed malware directly into websites. And unfortunately, there isn't a single ad service on the Internet that has any sort of oversight on the content of Flash ads, and the alternative ? communicating with advertisers directly ? is impractical for most sites. This may very well be the only site on the entire Internet that does it anymore, and did I mention how grateful I am for that, Escapist ad staff?
That's not the problem. The problem is it's damn near impossible to catch them in the first place. Nobody can cover their tracks like someone who can manipulate the records. So threaten all you want; you might as well be promising to cure cancer when someone successfully eats the sun.Azaraxzealot said:
I constantly have to fix my aunts computer because she will click on anything without knowing what it does. When I try to explain it to her, even in caveman terms, she just outright refuses to learn and just blames her slowdown / popups, etc on me "fixing" her pc.
She absolutely refuses to use Firefox or Chrome because they are "too confusing" to her despite they don't look much different from many other browsers out there.
She absolutely refuses to use Firefox or Chrome because they are "too confusing" to her despite they don't look much different from many other browsers out there.
Really, I mean really, did you employ brain damaged monkeys for this "research" of yours?!
Because anyone who isn't retarded knew this decades ago, well we are all glad MS is keeping up with the times.
Christ almighty, 2011 and this passes as news... truly amazing
Because anyone who isn't retarded knew this decades ago, well we are all glad MS is keeping up with the times.
Christ almighty, 2011 and this passes as news... truly amazing
Wait, you know the new versions of this make so if you close the window it still downloads the virus or spyware right? The only way to escape it now is to end the page in the task window. They have advanced far beyond what your describing in this post.
One thing I find works - sometimes - is to invoke the overblown stranger danger paranoia people have drilled into their heads as kids. "When you were a kid, if a stranger offered you a piece of free candy you wouldn't take it. This is a stranger, offering you a piece of free software. Why are you taking it?"
But if you develop a network security tool, you gotta be damn sure it doesn't even crash 0.1% of the PCs it's installed on.
Problem is it's easier to be evil than good. So what if Total XP Security Plus or whatever crashes 10% of the PCs it infects and accidentally wipes 1% of all hard drives? It's not like they CARE about their targets. You don't need your software to be good, you just need it to be good enough to get seen by a certain number of suckers.presidentjlh said:
But if you develop a network security tool, you gotta be damn sure it doesn't even crash 0.1% of the PCs it's installed on.
And yet she still gets you to fix it. Dunno how old you are and what kind of family situation you're in, but if at all possible, REFUSE TO HELP. I cut off a relative who pulled that crap on me and I'm glad I did.Strixvaliano said:
I'm 26, The only family I have around that I even bother with are my aunt and grandmother so I tend to be a bit nicer but being told that I caused the problem when I'm trying to help and explain gets aggravating to the point I have been refusing to help her more recently and refer her to contacting Brighthouse whenever she complains about slow internet or other related issues, for everything else I just do a virus / malware scan, show her the results and just go on my way.Formica Archonis said:
In all honesty, you shouldn't click yes or no as BOTH tend to install the malicious programs. I've had to fix my sibling's computers on so many occasions because they were stupid enough to click it after having been fooled multiple times in the past, my parents have done this too. *facepalm*
Just use CTRL+ALT+Delete, end task for the program, and then restart your internet browser where you need to. It's very simple to avoid with COMMON SENSE!!!
Course then when I fix their computers it gives me an excuse to look through their TEMP files and use those downloaded then deleted porn caches as blackmail since they don't know how to delete TEMP files. >
Just use CTRL+ALT+Delete, end task for the program, and then restart your internet browser where you need to. It's very simple to avoid with COMMON SENSE!!!
Course then when I fix their computers it gives me an excuse to look through their TEMP files and use those downloaded then deleted porn caches as blackmail since they don't know how to delete TEMP files. >
Well, understand that this is one of the problems with bringing the lowest human denominator onto The Internet and getting them involved with telecommunications. You wind up with millions and millions of people who are lucky to remember how to breathe properly able to operate these increasingly simplistic systems. simplistic systems which by their nature are easy to operate.Dulcinea said:
Tricking your average computer user nowadays is very much similar to poisoning a retard by offering free candy you injected with something: it's not hard, and a paticularly apt analogy given the very nature of the people who have made games like "Farmville" massive successes and capapulted companies like Zynga into massive business success.
Sorry if that's insulting to some people reading this, but there is no nice way of saying that the internet in recent years has been intentionally packed full of morons, specifically because they could be exploited through the internet by businesses. It's not surprising that just as the sheeple can be sheered and exploited easily by business, that hackers can do the same exact thing, oftentimes using the same exact methods. I mean when you look at all the people that play "Farmville" and the social networking/money making power of Facebook, is it any surprise that hackers use similar techniques? What's more things like that prime the sheep for exploitation because they expect "free" games and offers, but just as those free games actually exist to addict people and goad them into paying money, not really being free, the other offers by hackers pay off by inserting backdoors, password hacks, keyloggers, and general "for the lulz" malware onto systems. It's like shooting ducks in a barrel.
I'm admittedly not the sharpest knife in the drawer, but I'm pretty aware of this stuff, and take precautions. I don't jump on obvious bait. I also don't get involved with piracy not *only* because it's wrong, but because by pirating crap your trusting an anonymous, obviously immortal (by being a pirate) source to install stuff on your computer. You steal a game, and your basically trusting "Cap'N 1337 Haxx" to not be doing anything else to your computer when you download and install it. People will sit down and say they trust this group, or that group, but even if certain hacker groups WERE trustworthy to their users, nothing really stops some joker from using that name. Even if the real group complains, how do you know who the source to trust when everyone is anonymous?
That said, even I pull tons of crap off my computer from time to time, using things like Norton (and no, I do not think Norton makes you invulnerable, unlike a certain internet Meme, and there are a lot of things it won't pick up. Still what it does pick up can be crazy at times, especially seeing as even legitimate sites like Amazon.com load your system with tracking cookies and garbage which they shouldn't be doing anyway, but which complicates matters).
The point here being that The Internet is no longer a haven for the fairly intelligent, at one time it took a degree of knowlege or at least patience just to get online and use The Internet. This is to say nothing of the BBS systems and Echos that dominated casual use for a long time and required programs like Procomm (or the Simterm knockoff) and similar things just to connect. It shouldn't shock anyone that by dumbing it down and herding in the people they dumbed it down for, that there is mass victimization going on.
The ironic thing is that the hackers are pretty much using the same basic techniques the businesses are.