OT? Online Survey Takes Over Chrome

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Clicking around on various pages referring to Prindle Catamarans,
I somehow wound up with this URL loaded into Chrome:
http://onlinesurveycenter.net/?u=bZSfrYk0-FB3O5eK99cklThi5fW7i39d7ZEsHhVDqMigjMbpGvYxDd2ARntgPT3HeMpbczz0DkOhDLesVid1rLFWcIukkYzg7hgfR5yqrGc0blV9Cvn9Zezv4cwRwJBqwv55/GEfG0mwjwJxc7z6UaGD7yWJGYt0xAfMUBtENnecI8-uZZD69N7CcflNrPW34VWjTOmPkeHTrLkcsL7GFkCvhcMmYBOyAMIx6khoEVA1QNG0Jeq93a-qWdfTEx/Vn-xsSqGxSyB4ToSuElsY9EAaM6wh3ZLhIMdA94AowkH-NEM2pZXQR84dC1FdpX/WqDB3hSB0slQfrdEBaCE7gCHiPViF1kklGPXg3yzN5X28OwVNDrQJ19M-YnNhvnBqJK5xMFxSeib8kVX8a511975sjn2VpXUV8pd8X3qf4cp_

At this point, there seemed tb no way out without jumping through
their hoops (i.e. clicking "Ok" on a dialog....).

Effectively this little nasty took over Chrome.

Finally used TaskMan to kill Chrome altogether.

Logically, it doesn't seem like Chrome sb designed to allow
somebody to take it over....

Is this a known phenom?
--
PeteCresswell

Re: OT? Online Survey Takes Over Chrome

(PeteCresswell) wrote:
Quoted text here. Click to load it
http://onlinesurveycenter.net/?u=bZSfrYk0-FB3O5eK99cklThi5fW7i39d7ZEsHhVDqMigjMbpGvYxDd2ARntgPT3HeMpbczz0DkOhDLesVid1rLFWcIukkYzg7hgfR5yqrGc0blV9Cvn9Zezv4cwRwJBqwv55/GEfG0mwjwJxc7z6UaGD7yWJGYt0xAfMUBtENnecI8-uZZD69N7CcflNrPW34VWjTOmPkeHTrLkcsL7GFkCvhcMmYBOyAMIx6khoEVA1QNG0Jeq93a-qWdfTEx/Vn-xsSqGxSyB4ToSuElsY9EAaM6wh3ZLhIMdA94AowkH-NEM2pZXQR84dC1FdpX/WqDB3hSB0slQfrdEBaCE7gCHiPViF1kklGPXg3yzN5X28OwVNDrQJ19M-YnNhvnBqJK5xMFxSeib8kVX8a511975sjn2VpXUV8pd8X3qf4cp_
Quoted text here. Click to load it

I haven't seen this one, but have seen others that take focus and *seem*
to make it necessary to stop all browser instances to kill it. If I am
doing something important (seldom the case) I will use task manager and
under the applications tab right click on the miscreant script embedded
instance and choose minimize and then continue my work. It has been my
experience that the script is doing nothing while it is waiting for
input from the user.

In the cases I am familiar with, it eventually leads to malware, so when
I am done with whatever important stuff I may have been doing, I shut
off my wireless radio and click through to see the connection problems
dialog and a URL to capture. I'm not sure if it would be safe in this
case or not - there seems to be some obfuscation going on in those scripts.

Re: OT? Online Survey Takes Over Chrome

"(PeteCresswell)" wrote:

Quoted text here. Click to load it

Yes. Your browser was not taken over - it's just javascript and a
result of the onbeforeunload event handler. It applies to all MS
browsers since IE4 and most other brands after that who have also
implemented this non-standard feature.

In this particular case there are two message dialogs generated; one
from the alert function and one from the fact that onbeforeunload is
returning a string:

 window.onbeforeunload = function(){
  alert("Don't miss this chance claim your free prize!...");
  return "We're so sorry to see you go...";
 }

The browser is generating the last dialog itself and surrounds the
returned text with:

"Are you sure you want to navigate away from this page?"
[string returned by onbeforeunload]
"Press OK to continue, or Cancel to stay on the current page."

or similar text. Pressing OK will close the page.

See http://msdn.microsoft.com/en-us/library/ms536907(v=vs.85).aspx
although, as I said, it applies nowadays to non-IE browsers.



Site Timeline