On Mon, 14 Jul 2008 12:05:55 -0400 'Beauregard T. Shagnasty'
wrote this on alt.comp.freeware:

>hummingbird wrote:
>
>> 'Beauregard T. Shagnasty' wrote:
>>> hummingbird wrote:
>>>> [HEALTH WARNING]
>>>> If you switch off all your security s/w and surf to this website,
>>>> see what happens: xxx.pricelessware.org
>>>
>>> Ok, I did. I see a ~1995-coding-style web site with many lists of
>>> free Windows software. What was supposed to happen?
>>
>> Well, several months ago, if you had no security running that website
>> was discreetly transferring you to a URL based in HK and downloading
>> a trojan onto your system and running it to take you over. A recent
>> poster reported a similar problem only a coupla days ago on ACF. I
>> believe a malicious a-frame was installed by hackers. Much debate
>> here about it on ACF at the time.
>
>So that was a Windows trojan then?


The one in question is called "trojan.systemposer".

>Ok, I understand. To become
>infected, you probably needed to be using a Windows OS,


I use XP-Pro. I have no idea if *nix suffers the same problems.
Some people say it's more secure, but that's probably because
the hackers focus on MS s/w.

>probably Internet Explorer,


I use an IE clone (Avant).

>probably allowing ActiveX, probably don't have
>patches to stop malicious iframe redirection (which is quite common on
>hacked sites). [I guess you meant iframe, rather than a-frame.]


Sorry, yes I meant i-frame.

The problem with banning Active-X across the board in IE browsers
is that some websites simply don't display correctly without it.


>> After I got hit by it, I added the URL into my HOSTS file to prevent
>> myself ever going there again in error.
>
>If you got hit by this trojan, then which of the above were you not
>securing yourself from? Windows/IE/ActiveX/patches/iframes ?


All, but I took immediate action to kill it and recovered within an hour.
I might add that that was the first time ever I got hit, and that
is without running AV s/w and not having a lot of browser patches,
although my browsing security is quite tight.

I read in the thread that you don't use Windows, so you probably
don't have all these problems. But my earlier point was about them
affecting a majority of users using Windows.


--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)