Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Sunday January 10 2016, @02:54PM   Printer-friendly
from the those-bastards dept.

The Forbes 30 Under 30 list came out this week and it featured a prominent security researcher. Other researchers were pleased to see one of their own getting positive attention, and visited the site in droves to view the list.

On arrival, like a growing number of websites, Forbes asked readers to turn off ad blockers in order to view the article. After doing so, visitors were immediately served with pop-under malware, primed to infect their computers, and likely silently steal passwords, personal data and banking information. Or, as is popular worldwide with these malware "exploit kits," lock up their hard drives in exchange for Bitcoin ransom. The exploit used was a version of hackenfreude.

Forbes has recently taken some flack from Soylent News readers for its heavy-handed approach to ad blockers.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by kurenai.tsubasa on Sunday January 10 2016, @03:10PM

    by kurenai.tsubasa (5227) on Sunday January 10 2016, @03:10PM (#287622) Journal

    I turned off Ghostery among other things, and the page that begs you to turn off ad blocking loaded about 40 different trackers before letting me in. Fortunately, the main site only loaded about 30 trackers. O.o;;

    Suddenly I want to hack forbes.com, not to disable the ad blocker blocker, but just so that it says, “Disregard that, I suck cocks” under the part about being an ad-lite experience.

    That is definitely going on the list of websites not to visit when booted into Windows!

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: -1, Flamebait) by Anonymous Coward on Sunday January 10 2016, @03:16PM

    by Anonymous Coward on Sunday January 10 2016, @03:16PM (#287626)

    Disregard that, I suck cocks.

    Sorry, force of habit.

    -- OriginalOwner_ [soylentnews.org]

    • (Score: 0) by Anonymous Coward on Sunday January 10 2016, @07:16PM

      by Anonymous Coward on Sunday January 10 2016, @07:16PM (#287714)

      Your pattern of bad behavior, repeatedly injecting noise into threads for weeks:
      December 30 [soylentnews.org]
      December 30 [soylentnews.org]
      December 31 [soylentnews.org]
      January 04 [soylentnews.org]
      January 05 [soylentnews.org]
      January 08 [soylentnews.org]
      January 08 [soylentnews.org]
      January 10 [soylentnews.org]

      Some are being marked troll and flamebait. They are all clearly SPAM.

      • (Score: -1, Flamebait) by Anonymous Coward on Sunday January 10 2016, @08:07PM

        by Anonymous Coward on Sunday January 10 2016, @08:07PM (#287739)

        You seem a bit mad.

        -- OriginalOwner_ [soylentnews.org]

  • (Score: 2) by Runaway1956 on Sunday January 10 2016, @03:22PM

    by Runaway1956 (2926) Subscriber Badge on Sunday January 10 2016, @03:22PM (#287627) Journal

    Now and then, I'm curious enough about an article that I fire up a VM, and c/p the address into a browser there. Read the article, clear cookies, shut the browser down, and watch Better Privacy delete a super cookie.

    It doesn't happen very often. Mostly, if the site won't cooperate with my browser, I just don't bother reading it. Mostly, a Google search with some of the terms in the article will turn up some other article using the same sources for it's story.

  • (Score: 3, Interesting) by Runaway1956 on Sunday January 10 2016, @04:28PM

    by Runaway1956 (2926) Subscriber Badge on Sunday January 10 2016, @04:28PM (#287645) Journal

    Forget about the "I suck cocks" thing. Some of us like cocksuckers. Instead, put "I eat shit". No one likes a shit eating dog, do they?

    • (Score: 1) by Noldir on Sunday January 10 2016, @09:14PM

      by Noldir (1216) on Sunday January 10 2016, @09:14PM (#287778)

      Please keep in mind rule 34 and having said that, in so not gonna Google that...

      • (Score: 0) by Anonymous Coward on Sunday January 10 2016, @10:17PM

        by Anonymous Coward on Sunday January 10 2016, @10:17PM (#287836)

        2girls1cup

        • (Score: 0) by Anonymous Coward on Sunday January 10 2016, @10:21PM

          by Anonymous Coward on Sunday January 10 2016, @10:21PM (#287838)

          Filing this one under "Asking for it"

  • (Score: 3, Informative) by gnuman on Sunday January 10 2016, @05:05PM

    by gnuman (5013) on Sunday January 10 2016, @05:05PM (#287649)

    That is definitely going on the list of websites not to visit when booted into Windows!

    Except now there are 100% javascript based exploits.

    http://www.computerworld.com/article/3018972/security/ransom32-first-of-its-kind-javascript-based-ransomware-spotted-in-the-wild.html [computerworld.com]

    • (Score: 4, Insightful) by sjames on Sunday January 10 2016, @05:34PM

      by sjames (2882) on Sunday January 10 2016, @05:34PM (#287660) Journal

      It seems unlikely that it is actually cross platform. For one, according to what I've seen, it comes as a self-extracting RAR (not cross platform) and drops it's payload in the start folder so it runs when you log in. That is very much a Windows only thing.

      But in general, it's telling that while we spend billions hunting funny plants and people with the audacity to carry 4.1 oz of shampoo, we have seen no significant effort to hynt down and kill the people cranking out cryptolocker and clones.

      • (Score: 2) by Hyperturtle on Sunday January 10 2016, @08:46PM

        by Hyperturtle (2824) on Sunday January 10 2016, @08:46PM (#287767)

        But--the people that want access to your stuff don't want your attention drawn to this, which is why they have a "War on Terror" and a "War on Drugs" and not a "War on Cybercriminals".

        They'd get shot.

      • (Score: 2) by Hairyfeet on Sunday January 10 2016, @10:24PM

        by Hairyfeet (75) <bassbeast1968NO@SPAMgmail.com> on Sunday January 10 2016, @10:24PM (#287840) Journal

        Sorry but malware guys have already figured out Linux users are trivial to add so they are cooking up cross platform malware [zdnet.com] that simply detects which OS you are on and then grabs the correct exploit. This means you can't go by what you get if you visit the malware on a Windows box as the payload will change if you are on OSX or Linux.

        You gotta give them credit, it looks like it really didn't take much to add Linux support, just a few lines.

        --
        ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
        • (Score: 3, Informative) by sjames on Sunday January 10 2016, @10:37PM

          by sjames (2882) on Sunday January 10 2016, @10:37PM (#287846) Journal

          Sure, it is possible to write a trojan for Linux, but the one you referred to required the user to actually run the app after downloading. The Javascript was nothing more than the standard stuff you'll find when downloading from google, sourceforge, or anywhere else that offers binaries for more than one platform.

          A multi-platform drive-by is possible, but the PARTICULAR bit of malware in question doesn't appear to be an example of it. Building it from Javascript isn't enough to make that happen.

          That doesn't mean I'm willing to just run any old thing an advertiser cares to toss my way.

        • (Score: 1, Funny) by Anonymous Coward on Monday January 11 2016, @12:49AM

          by Anonymous Coward on Monday January 11 2016, @12:49AM (#287886)

          as the payload will change if you are on OSX or Linux.

          Not if your browser ident string is set to Win95!!