InformAction Forums

Hi forum friends, This piece of malcode that I took from this report (hidden inline script outside HTML a clear no, no): http://www.unmaskparasites.com/security-report/?page=www.ninjawy.com was tested by me online here: http://testasp.acunetix.com/Search.asp?tfSearch=function+verify_passwords(passwo...

Hi forum friends, Just a coincidence? Google changed their searchpage somewhat and Scroogle Scraper service had to throw in the towel. It cannot be used any longer. The anonymous Google service scroogle is no more: http://www.scroogle.org/cgi-bin/nbbw.cgi Google changed around so the simple scroogle...

Hi dhouwn,

Thanks for the heads-up on this one, my friend, found and installed,

luntrus

Hi forum friends, I like this extension to be aware of these obtrusive issues with javascript and inline events and have them lined out on the visited site: https://addons.mozilla.org/en-US/firefox/addon/9505 For checking up on javascript and can be used online, JSure javascript checker: http://www....

Hi dhouwn, Should this skip functionality be added to NS then? Or would that also be controversial? This ad-related nagging is a nuisance really to most users apart from the regular parties that get paid, and also the malcreants that "hook into" these revenues. "Linkbucks Frames"...

Hi forum friends, Page opened up in my flock browser with latest version of NS, RP, ABP+: htxp://a1b08eb4.linkbucks.com/ Annoying and adware threat i.m.h.o. How to get fully rid of this with NS? It appeared from a site that was apparently hacked, and the redirect would now go exclusively via the Lin...

Hi forum friends, Are you aware of this service: http://www.sitetruth.com/yhoo.html There is also an add-on for Fx: http://www.sitetruth.com/downloads/adrater.html To be installed from: https://addons.mozilla.org/en-US/firefox/addon/45354 The service is still alpha, but it is different from WOT. I t...

Hi forum friends,

An example of analysis of some packed compressed code ( 100% beningn) to see what it is:
http://jsunpack.jeek.org/dec/go?report= ... 7693618115

luntrus

Hi forum friends,

Just stumbled upon a so-called "fun"site to turn normal urls into huge ones. It is not only fun but could also be abused maliciously.
Re: http://forum.avast.com/index.php?topic=58487.0
Does NS protect us there under all circumstances?

luntrus

Dear forum friends and users of NS, In websites we will come across loads of obfuscated Javascript code being used by both code protectors for commercial tracking and evaluation purposes but also by malcreants to avoid detection of code they insert into reputable websites. Detecting this process sho...

Hi Alan Baxter,

For April Fool's Day Sophos launched their RickRoll Protector: http://www.f-secure.com/weblog/archives/00001924.html

luntrus

Hi forum friends, C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content in this folder there is "timer.xul" and it is put there by "trojan:RS/Dursg.B" - mind that particular CLSID used in various malware like W32.RoutrobotWorm, Generic ...

Hi Alan Baxter,

This is the particular bug filed against this particular rickroll.swf:
https://bugzilla.redhat.com/show_bug.cgi?id=439858
The site it was on was non-malicious: http://wepawet.iseclab.org/view.php?has ... 96&type=js

luntrus

Hi Alan Baxter, Thanks for the additional info here, so these issues have been with us quite some time now and they will not be going away either soon. Here is how they tackled the issue in GoogleChrome while getting alert 1: https://bug61098.bugzilla.mozilla.org/attachment.cgi?id=377667 And indeed ...

Hi users of NoScript, Another issue where we should be glad we have the additional protection of NoScript, you won't get Rickrolled when you venture out here: http:// 1227.com/ With Fx without NS you are vulnerable to this Browser exploit: JOKE/BrowserMessage or Joke.NoClose JS the endless alert pop...