New browser attack lets hackers run bad code even after users leave a web page
Posted on 02/25/2019 1:35:50 PM PST by Swordmaker
Academics from Greece have devised a new browser-based attack that can allow hackers to run malicious code inside users' browsers even after users have closed or navigated away from the web page on which they got infected.
This new attack, called MarioNet, opens the door for assembling giant botnets from users' browsers. These botnets can be used for in-browser crypto-mining (cryptojacking), DDoS attacks, malicious files hosting/sharing, distributed password cracking, creating proxy networks, advertising click-fraud, and traffic stats boosting, researchers said. . .
(Excerpt) Read more at zdnet.com ...
All it takes is a little Windex.
Pinging dayglored, ShadowAce, and ThunderSleeps for your lists.
If you want on or off the Mac Ping List, Freepmail me.
Didn't bother to read the article before posting a dismissive comment, huh?
And a cloth.....or something.
Academics? I have to believe that something's been lost in translation there.
Will caching be a path to exposure, and perhaps launching the browser in the background without the user noticing?
This article was written either by an illiterate or a machine, which shows you the state of commercial IT tech writing today. The kind of sloppiness and carelessness and low standards that have been characteristic of many IT companies and big business labs has morphed into illiteracy worthy of the Daily Mail. Does anyone wonder that there is so much invasion, intrusion and criminal use of information in this industry? It starts with the indifference of most in the industry to anything besides monetizing their product.
Oh well this was done by academics so I am not going to worry about it.
One thing I learned from coding with Visual Basic for Applications was that I could create a popup box that said anything I wanted and did whatever I wanted when clicked.
So when I see a popup that says, for example, Do You Really Want To Leave This Site, unless I trust the site, I won’t click it. You could be authorizing the server to do all kinds of crap. Better to go in your taskbar and click X on that screen.
It’s Greek to me.
So much for HTML5 being safer than Flash.
Very doubtful. These are scripts and in-app services that run only within the browser. Most browsers are sandboxed and cannot start separate apps. . . especially after termination. Caches are generally not a memory location where anything can be executed. I.E. non-executable memory locations which the hardware won't use to run any apps or executable files.
So when I see a popup that says, for example, Do You Really Want To Leave This Site, unless I trust the site, I won't click it. You could be authorizing the server to do all kinds of crap. Better to go in your taskbar and click X on that screen.
In Safari when that situation arises, I simply close out the tab. Am I accomplishing the same thing?
The problem with this is it doesn't require the user to do anything to launch the malware, and clicking the close window or tab has no effect on the fact the malware had been already launched in the background of your browser's environment. The ONLY current solution is to quit the browser and NOT revisit the website that has that infection script included when you restart the browser, whether automatically reloading last opened tabs, or the user goes back to the website intentionally. . . And apparently there's no way to easily know if any website (or an ad on the website) has infected your browser!
I’d think so. The popup usually locks up your screen until you deal with it. If you can exit the screen by closing the tab, it should be okay.
The problem with this is it doesn't require the user to do anything to launch the malware
Unfortunately, it doesn't help because these vulnerabilities don't require the user to do anything except navigate to a website that has a script that will infect your browser by invoking browser services maliciously. . . Or it could be on a user's frequently used website and the script comes in on a rotation advertisement from Google. No authorization required.