[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
this sounds like a phishing site they went on. as you have stated it only effects windows but theres nothing stopping the virus creators coding a mac or even linux version. max kudos for bring it to our attention thou. just goes to prove that sites like google, youtube and the like can not be 100% trusted On 30 October 2013 14:44, Julian Hall <linux@xxxxxxxxxxxx> wrote: > On 30/10/13 13:40, Martijn Grooten wrote: >> >> On Wed, 30 Oct 2013, Julian Hall wrote: >>> >>> I know that any image link on a webpage can link to a drive-by download, >>> that's not the new part. What /is/ new to me is that she got it from an >>> Ebay auction page - that much is established as she hadn't done anything >>> else on the web when the infection announced itself. That I think is a bit >>> of a worry as you can go to a perfectly well trusted - and very popular - >>> website, click on an auction and simply by viewing it end up with a virus. >> >> >> Did this actually happen on eBay, or was there a link from eBay to >> somewhere else that she clicked on? >> >> Note that some malware takes some time before it becomes active, so I >> would be hesitant to link what she was doing when the infection announced >> itself to the actual source of the infection. I also haven't heard anything >> about eBay serving malware. It is possible of course (last week php.net was >> serving malware) but if it's a big site it's usually discovered pretty >> quickly. >> >> The general message - that by only browing big sites you have nothing to >> worry - remains true of course. Make sure your browser and all of its >> plugins are and remain up-to-date. >> >> Speaking of ransomware, a _much_ nastier piece of ransomware, also >> currently spreading, is CryptoLocker, that encrypts your files in a 'secure' >> way: without the backup, you can only get your files back by paying a huge >> ransom. (And even then, as you're dealing with crooks, there's no guarantee >> that you will get them back.) Again, I don't think it targets anything but >> Windows, but again, the principle could affect any operating system. >> >> Martijn. >> > Hi Martijn, > > I'm not saying Ebay themselves did, simply that it /seems/ to have come from > an auction, presumably a graphic/link the seller inserted in the text, since > you can add links - for example to a manufacturer's website. CryptoLocker > was mentioned in reference to this one, so I don't know if that was the > payload. If it was she got away with it because she can still access all her > files after it was cleared. > > I agree that virii do take time often to activate, however she is a fairly > infrequent Internet user, and this was the only thing she had done in a > while, so while you're right it's not conclusive, it does seem more likely > than someone surfing for hours and suddenly blaming Ebay. > > Kind regards, > > Julian > > > -- > The Mailing List for the Devon & Cornwall LUG > http://mailman.dclug.org.uk/listinfo/list > FAQ: http://www.dcglug.org.uk/listfaq -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq