Warning Hacker add .


#21 by BouldRake » Tue Aug 23, 2016 12:46

Quote: don't store your passwords on your browser

The security conscious should read this:

Quote: In this paper we surveyed a wide variety of password managers and found that they follow very different and inconsistent autofill policies. We showed how an evil coffee shop attacker can leverage these policies to steal the user’s stored passwords without any user interaction. We also demonstrated that password managers can prevent these attacks by simply following two steps - never autofilling under certain conditions like in the presence of HTTPS certificate validation errors and requiring user interaction through some form of trusted browser UI, that untrusted JavaScript cannot affect, before autofilling any passwords.

Password Managers: Attacks and Defenses | USENIX

In fact, storing passwords in the browser can be fine - or it can be a disaster. Find a keychain that meets the recommendations in the paper.

#22 by sudsakonr » Wed Aug 24, 2016 03:00

thank you for the warning :)

#23 by StarryMight » Wed Aug 24, 2016 16:17

I've encountered a couple of suspect ads like that recently...one called itself a CPA Conversion Test, and when I clicked on it, it led to a site for what appears to be a cheat for the mobile game "Clash of Clans" (which I don't play), which then asked me to download "ClixSense-AccountProblem.doc". I closed the message and reported the site. The other one I more recently encountered asked if I wanted to download "10$ ClixSense Bonus.wsf". I also closed that and reported the site.

This is exactly why I prefer to use Linux operating systems to do PTC, since the risk is much lower on them than Windows (which I do use for pretty much everything else ;)).

#24 by BouldRake » Wed Aug 24, 2016 16:22

StarryMight wrote: This is exactly why I prefer to use Linux operating systems to do PTC, since the risk is much lower on them than Windows (which I do use for pretty much everything else ;)).

Heh yeah - I couldn't figure out what it did (it's pretty well obfuscated), so I tried to run it (safely, in a sandbox), and couldn't get the damn thing to work.

#25 by revroach » Wed Aug 24, 2016 18:06

Name of my latest auto-dl: flashplayer22pp_xa_install.jar

The dl was blocked and stopped, but that's another one going around

It came up in the Grid btw

#26 by paper07 » Wed Aug 24, 2016 18:36

I got that too;

#27 by shelbri78 » Wed Aug 24, 2016 19:22

Never download anything you are not sure of and especially if you never requested it. That is basic computer smarts.

#28 by hyldig » Thu Aug 25, 2016 03:05

BR, it could be a dormant program waiting for another ad with a trigger sequence that is missing to activate it. That way it might be able to mask itself from those who try to figure out what it is and hide from security detection and removal tools.

#29 by x_0 » Thu Aug 25, 2016 03:34

I'm sure this kind of virus... :)


Virus Script / Batch
This virus was originally known as the batch virus, as it was once contained in a batch file in DOS. Virus scripts are frequently obtained from the Internet because of the benefits of being flexible and able to run when we are on the internet; this type of virus usually stays in an HTML (Hypertext Markup Language) file, in scripts created using facilities such as JavaScript, VBScript, 4 and combinations of scripts that enable ActiveX programs from Microsoft Internet Explorer.

#30 by BouldRake » Thu Aug 25, 2016 05:15

It's a windows script file, but it's broken up into functions of obfuscated (and rearranged) arrays. At the end, the obfuscated arrays are then concatenated into a string and called as a command. It's definitely either a virus or some kind of malicious exploit. Hyldig might be right about the missing piece, or it might just be something missing in the *nix environment - since it's quite specifically a Windows script.

But yeah, it's definitely dodgy.

Also, since there's now a .jar file in there, there are probably several different malicious files doing different things anyway. I only looked at the 10$ ClixSense Bonus.wsf file.
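The structure BouldRake describes in #30 (fragment arrays spread over functions, concatenated at the end and called as a command) can be checked for statically, without running the file. This is an added example, not code from the thread; the sample script, regexes and thresholds are constructed for illustration.

```python
import re

# Constructed, inert sample in the shape described above: fragment arrays in
# separate functions, reassembled out of order and handed to eval().
SAMPLE_WSF = r'''<job id="bonus">
<script language="JScript">
function a1(){ return ["ho('", "WScr", "ipt.Ec"]; }
function b2(){ return ["ted", "construc", " sample')"]; }
var p = a1(), q = b2();
var cmd = p[1] + p[2] + p[0] + q[1] + q[0] + q[2];
eval(cmd);
</script>
</job>'''

SCRIPT_RE = re.compile(r'<script\b[^>]*>(.*?)</script>', re.I | re.S)
# Array literal holding two or more quoted string fragments.
ARRAY_RE = re.compile(
    r'\[\s*(?:"[^"]*"|\'[^\']*\')(?:\s*,\s*(?:"[^"]*"|\'[^\']*\'))+\s*\]')
# Three or more indexed elements added together: x[1] + x[2] + y[0] ...
INDEXED_CONCAT_RE = re.compile(r'\w+\[\d+\](?:\s*\+\s*\w+\[\d+\]){2,}')
# Places where a built string becomes code or a command.
SINK_RE = re.compile(
    r'\b(eval|execute|executeglobal)\s*\(|new\s+Function\s*\('
    r'|\.(Run|Exec|ShellExecute)\s*\(', re.I)
# COM objects a script downloader typically needs, if named in the clear.
COM_RE = re.compile(
    r'WScript\.Shell|MSXML2\.XMLHTTP|ADODB\.Stream|Shell\.Application', re.I)

def triage_wsf(text):
    """Return static indicators for a .wsf file; nothing is executed."""
    bodies = SCRIPT_RE.findall(text)
    code = "\n".join(bodies)
    report = {
        "script_blocks": len(bodies),
        "string_arrays": len(ARRAY_RE.findall(code)),
        "indexed_concats": len(INDEXED_CONCAT_RE.findall(code)),
        "dynamic_exec": sorted({m.group(0).rstrip("( ").lower()
                                for m in SINK_RE.finditer(code)}),
        "com_objects": sorted({m.lower() for m in COM_RE.findall(code)}),
    }
    # Fragmented strings alone are common; fragments feeding a sink are not.
    report["suspicious"] = bool(report["dynamic_exec"]) and (
        report["string_arrays"] >= 2 or report["indexed_concats"] >= 1)
    return report

if __name__ == "__main__":
    print(triage_wsf(SAMPLE_WSF))
```

On the sample, `com_objects` comes back empty because the fragmentation hides every literal name, which is why the structural indicators (arrays plus a dynamic-execution sink) carry the verdict.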

#31 by stsajen » Thu Aug 25, 2016 12:06

Today.... new file download: ClixSense 5$ Bonus.wsf

Be careful

#32 by walkinganomaly » Thu Aug 25, 2016 12:36

stsajen wrote: Today.... new file download: ClixSense 5$ Bonus.wsf

Be careful

I got that one today as well, I hit "Report Problem" and "cancel" on the download. Makes me wonder about some people!

#33 by x_0 » Thu Aug 25, 2016 14:48

This script to test your antivirus try ... :thumbup:


antivirus test

1. open notepad, then copy and paste the code below

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*



2. Then save the file with "Save As", using a file name with a .com extension
      (* the file name and the directory / location of the file are free; it can be on drive C, D, E, etc.)
       example: test.com


3. A notification will appear from our antivirus, and if our antivirus is good the file will be immediately deleted / blocked.


4. Do not be afraid of the file we created earlier: the EICAR code it contains will not infect our computers, because the standard text code above is used by anti-virus developers, in particular by EICAR (European Institute for Computer Anti-virus Research). EICAR itself is the body that focuses on the field of viruses, and they created a standardization for antivirus. These standards are used to see the reaction when the antivirus detects the file created by EICAR, i.e. the text file that we created earlier with Notepad.





:clap: :clap: :thumbup:

#34 by claxyclicks584 » Thu Aug 25, 2016 15:19

BouldRake wrote: It's a windows script file, but it's broken up into functions of obfuscated (and rearranged) arrays. At the end, the obfuscated arrays are then concatenated into a string and called as a command. It's definitely either a virus or some kind of malicious exploit. Hyldig might be right about the missing piece, or it might just be something missing in the *nix environment - since it's quite specifically a Windows script.

But yeah, it's definitely dodgy.

Also, since there's now a .jar file in there, there are probably several different malicious files doing different things anyway. I only looked at the 10$ ClixSense Bonus.wsf file.

I decompiled the source (at least for the 10$ ClixSense Bonus.wsf file), it's just a downloader for some .exe that I can't get to work. It pretends to be a "calculator", and it's been scanned on Virustotal for months. No antivirus detects it as a virus though.

Still don't open the file though. It might be on a timer, or the .exe might be detecting that it was being opened on a VM and didn't do anything.

#35 by revroach » Thu Aug 25, 2016 17:18

shelbri78 wrote: Never download anything you are not sure of and especially if you never requested it. That is basic computer smarts.


Mine came from pages that auto-downloaded the files. I've got my system to block that sort of thing but it does not always work with these.

#36 by suni373 » Fri Aug 26, 2016 01:51

Thanks for info.....

#37 by dawala » Fri Aug 26, 2016 03:52

Your click has been validated
You've just been credited $0.001


Viewing: http://affilatemoneymaking513.online/Close

This Ad wanted to download something bad.

I am online with sandboxie. This tool showed me that a download was to take place. I just closed the message from sandboxie and the Ad ran. I use the free version.

Happy clicking

#39 by True-Democracy » Fri Aug 26, 2016 04:04

Be careful, it's back again. Don't bother to report it because I already did. :thumbup:


#40 by Charez » Fri Aug 26, 2016 04:43

yeah, I got more bonus in 2 days than with the grid within a year
so generous :)
All times displayed are PST.