malicious script from pop-ups - DPChallenge Forums

01/21/2005 02:56:24 AM · #1

I went to a link someone left on one of the threads on this site and a pop-up appeared. The pop-up was from a bluestreak.com if you have recieved this pop-up and do not have adaquate protection you have data miners located in your cookies. Check.

I sent bluestreak.com the following email:

Circumstances:

Your webpage was accessed by our computer several days ago and left malicious script.
Data Miner / Cookie / bluestreak.com/
Data Miner / Cookie / fastclick.net/
Data Miner / Cookie / tribalfusion.com/
Data Miner / Cookie / z1.adserver.com/
Data Miner / Cookie / doubleclick.net/

These all were detected as your site was accessed as a pop-up. Please cease such activity. Any further attacks will be reported, and legal action will ensue.

I don't know if the email will do any good, but I get tired of these *ssholes always trying to screw up sh*t. There are amillion ways to make a legal buck in this world and I hope their weenies rot off.

Message edited by author 2005-01-21 02:58:03.

01/21/2005 03:03:43 AM · #2

Originally posted by nsbca7:

These appear nothing more than cookies placed by their advertisement servers, not malicious scripts.

-Terry

Tamron SP AF 28-75mm f/2.8 XR Di for Canon

01/21/2005 03:09:40 AM · #3

Originally posted by ClubJuggle:

These appear nothing more than cookies placed by their advertisement servers, not malicious scripts.

-Terry

That is not what my lavasoft reported when it quarantined them as data miners. Don't believe me? Go to //www.bluestreak.com. Then you can have some too.

I mean they are easy enough to get rid of (most of the time), but why should I have to?

PS: Don't click on that link.

Message edited by author 2005-01-21 03:11:05.

ganders

Canon EOS-40D

01/21/2005 03:18:20 AM · #4

AdAware is very enthusiastic to tag cookies as "data miners"; while it's very good at catching genuinely malicious stuff I do think it does a huge mis-service by pulling up every cookie from an advertiser because it's very misleading.

Trust me when I tell you, there is no way a cookie can act as a "malicious script" - it's technically impossible.

01/21/2005 03:19:33 AM · #5

"Data miner" is the category to which Lavasoft AdAware assigns advertiser cookies.

Sony 24-70mm F4 Vario-Tessar T* FE OSS

01/21/2005 03:36:22 AM · #6

Originally posted by ClubJuggle:

"Data miner" is the category to which Lavasoft AdAware assigns advertiser cookies.

It may be, but after I had accessed this site and before I had scanned my system with AdAware I was getting those crappy bogus gray Microsoft warning dialog boxes telling me I had a virus on my computer and to get rid of it I should click here. These are not from Microsoft even though that is what it says. I know what these are because I have had them before and have had to get them off of other peoples computers.

And just to check before I jumped the gun I removed all of the cookies AdAware had found. I scanned the computer again and it was clean. I then accessed the bluestreak site again and a few minutes later the fake virus warning box came up again. I re-scanned with AdAware and the five data miners were on the computer again. I got rid of them and no more fake warning boxes.

Bear_Music

Samsung Galaxy S24 Ultra

01/21/2005 03:42:58 AM · #7

That's exactly what a cookie IS. It retrieves data stored on your computer. This site generates cookies, so you log in automatically. But there are levels of cookies. In theory, a data miner is a cookie that keeps right on working, whether you're at the site where it originated or not. Whenever you're on line, it's sending out information to the people that ennabled it.

Most data miners are innocuous enough, just acting like "nielson ratings" for computers, but some of them are, indeed, malicious, sending out information you would not want revealed. The main problem with them, though, is that every data miner that's working is using up some of your limited resources, and they bog your computer down.

Anyone that's on broadband and online whenever they are booted up should be using AdAware or some such program regulalrly. I certainly do.

This, anyway, is how I understand it. I s'pose someone more skilled than I in these matters will correct me, and that's cool.

Robt.

Sony 24-70mm F4 Vario-Tessar T* FE OSS

01/21/2005 03:43:39 AM · #8

Have you considered switching your browser to Firefox?

I've switched a couple months ago and haven't seen a popup or "browser helper object" since.

-Terry

Message edited by author 2005-01-21 03:44:14.

Bear_Music

Samsung Galaxy S24 Ultra

01/21/2005 03:44:59 AM · #9

Terry,

I run Firefox, and definitely have seen a decrease in these things, but they do get through with some regularity. Nothing damaging, though.

Robt.

Tamron SP AF 28-75mm f/2.8 XR Di for Canon

01/21/2005 03:52:11 AM · #10

Originally posted by bear_music:

Anyone that's on broadband and online whenever they are booted up should be using AdAware or some such program regulalrly. I certainly do.

I was going to go ahead and buy a copy of Nortons 2005. I heard it is great at blocking all this crap. I have the 2004 edition. It works great at protecting my computer from viruses but does nothing to stop ad ware and pop-ups.

ganders

Canon EOS-40D

01/21/2005 04:18:12 AM · #11

Originally posted by nsbca7:

Those are usually just popup adds with graphics made up to look like dialog boxes. Now they are an evil form of advertising, especially the ones that have a Cancel button because people are suckered into clicking on them which DOES allow them to install malicious stuff. Best thing to do is just to close the window they're in (click the X top right or Alt-F4)

The advantage of Opera (and I presume Firefox too, that's tabbed also?) is that as the popups just appear as another tab it's much more obvious that it's a popup advert rather than a genuine system message.

Sigma 50-500mm f/4.0-6.3 EX APO RF HSM for Canon

01/21/2005 04:28:17 AM · #12

Originally posted by ganders:

(click the X top right or Alt-F4)

Caution. Do not click X top right. This often is the same as clicking the OK or Close Dialog Box buttons and may open Pandora. Always use the Alt-F4 or Windows Task Manager to close any suspicious pop-ups or dialog boxes.

gusto

Canon EOS-7D

01/21/2005 06:19:55 AM · #13

Cookies will store only information you willingly provide with the exception of your IP address, user agent and a few things your browser offers. Cookies typically store usernames that are associated with forms used to log in, like here at DPC you can at the time of login choose to remain logged in. In this case it makes a note in the cookie to keep you logged in, where the web server checks the cookie and if it indicates you have elected to remain logged in it then reads the cookie and accesses your username and password. NOTE: other serers can not access cookies that they do not host.. for example if you elect to remain logged in here at DPC then go to my web site I can NOT read the DPC cookies... Cookies are a good thing "Martha Stewart"

David.C

Nikon AF Nikkor 50mm f/1.8D

01/21/2005 06:39:17 AM · #14

The cookies used by advertisers don't normally get any user interaction, unless you click on it, but the writers of the advertisement does know what type of advertisement it is displaying. This allows the advertisement server to place the types of advertisement you are being shown. Since that same ad server can access the cookie regardless of which webpage the ad is on, they gain demographics of what kind of ads you see. The ad server is also most likely aware of the page the ad is on, which allows a cross-section of your browsing habits (those pages with ads from that server) to be gathered into even more demographics. All of it is completely harmless since the only personal information they have about you is your IP address -- not exactly a big secret.

Ad-aware classifies cookies used in this manner as data-miners because they mine data (the demographics) that would not otherwise be available to the ad agency. A few of the more paranoid and ill-informed internet denizens started screaming about their privacy being violated by such activities and the media went wild with it. They are completely harmless, being concerned about the perceived privacy that is 'lost' by them is similar to someone going to the store and then worrying because the lad stocking the shelfs saw them there.

David

01/21/2005 07:05:52 AM · #15

Originally posted by nsbca7:

Originally posted by bear_music:
Anyone that's on broadband and online whenever they are booted up should be using AdAware or some such program regulalrly. I certainly do.

I was going to go ahead and buy a copy of Nortons 2005. I heard it is great at blocking all this crap. I have the 2004 edition. It works great at protecting my computer from viruses but does nothing to stop ad ware and pop-ups.

Norton's What 2005?

Symantec has a lot of products in the Norton line with 2005 in the product name.

-Terry

01/21/2005 07:06:32 AM · #16

Originally posted by Britannica:

They are completely harmless,

Then what are the ones that take over you computer with pop-ups when you are not even online or change the home page on your browser or keep giving you these dialog boxes that tell you you have a trojen and for just $19.95 they can fix your computer that they screwed up. These are not classed as viruses because Nortons 2004 totally misses them.

My time is worth money and when I have to spend my time closeing out crap that I never asked for they are stealing my time and thus my money. So no, they are far from harmless.

Message edited by author 2005-01-21 07:09:24.

01/21/2005 07:08:32 AM · #17

Originally posted by ClubJuggle:

Norton's What 2005?

Symantec has a lot of products in the Norton line with 2005 in the product name.

-Terry

System Works or Antivirus. Whichever will take care of it.

01/21/2005 07:09:29 AM · #18

Originally posted by nsbca7:

Originally posted by Britannica:
They are completely harmless,

Then what are the ones that take over you computer with pop-ups when you are not even online or change the home page on your browser or keep giving you these dialog boxes that tell you you have a trojen and for just $19.95 they can fix your computer that they screwed up. These are not classed as virues because Nortons 2004 totally misses them.

My time is worth money and when I have to spend my time closeing out crap that I never asked for they are stealing my time and thus my money. So no, they are far from harmless.

They are malware, not cookies or data miners. A cookie is nothing more than a text file. It is simply not possible for a cookie to cause the activities you are describing above.

-Terry

01/21/2005 07:14:30 AM · #19

Originally posted by ClubJuggle:

They are malware, not cookies or data miners. A cookie is nothing more than a text file. It is simply not possible for a cookie to cause the activities you are describing above.

Well I don't guess I want any of them.

01/21/2005 07:17:47 AM · #20

Originally posted by nsbca7:

Well I don't guess I want any of them.

I hope you don't have DPChallenge or any other web site set to remember your username and password then. That type of information would be stored in a cookie.

-Terry

Nikon AF Nikkor 50mm f/1.8D

01/21/2005 07:38:25 AM · #21

Originally posted by ClubJuggle:

Originally posted by nsbca7:
Well I don't guess I want any of them.

I hope you don't have DPChallenge or any other web site set to remember your username and password then. That type of information would be stored in a cookie.

-Terry

I know what those cookies are and I know what they are there for. Your telling me that there is no such thing as a bad cookie? They are all harmles? Couldn't hurt a fly or cause a pop-up?

rex

Canon PowerShot SD780

01/21/2005 07:43:13 AM · #22

Originally posted by ClubJuggle:

Have you considered switching your browser to Firefox?

I've switched a couple months ago and haven't seen a popup or "browser helper object" since.

-Terry

In my opinion Firefox is 100% better than IE.

deapee

Kodak V803

01/21/2005 08:05:07 AM · #23

Originally posted by nsbca7:

Any further attacks will be reported, and legal action will ensue.

Dude, you can't sue someone for putting a cookie on your hard drive, or press criminal charges against them, for that matter. If you don't want cookies, you seem like a smart person -- turn them off. Or block them from all sites you do not trust.

You probably made someone's day with that email though -- I'm sure they got a good laugh out of it.