InformAction Forums

Went to photobucket to view some images, and saw escokuro.com in my script list... it wasn't there before.. it wasn't present in my ABP filters, so did a search, and found almost nothing informative.. except this:

That Photobucket is a damn trojan ....
httq :// cdn . www1 .escokuro. com /inf_pu_toolkit_v2.swf SWF/Exploit.ExKit.AT trojan
connection terminated - quarantined
Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.

(link broken by me)

That domain went straight to Untrusted and is blocked in several other addons here as well now. I think I should even add it to my HOSTS file.

Did NoScript fully stop the threat simply by not letting anything from that domain load?

Offhand, I'd say, probably. Only sites that can run active content would be able to attack your machine. So unless someone put malware into the main photobucket domain, you're probably OK.

Good. I didn't think there was any issue given that I have antivirus monitoring everything my browser would fetch and nothing was flagged, but did a full system scan with ClamXav anyway before I saw your response, and the only files that turned up infected were definitely not related to this (possibly false positives, actually), so given your reply I think I'm fine.

Just shows how important it is to use some kind of default-deny tool for potentially dangerous stuff.