Virus from web surfing

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I was at a friend's house yesterday with a number of other people and he
was surfing the web at one point when a virus protection program on his
laptop, called Webroot, warned him from entering a web site. Nonetheless
he entered the web site, did not download anything from that site, and
this morning is having problems with booting his computer. I talked to
him on the phone and when he described the problem to me ( he is not
very computer savvy ), he said he was getting an error about the hard
disk not being found on bootup.

I am pretty computer experienced and I did not think that merely going
to a website can introduce a virus onto a system without actual
executing some file on that system. Am I naive about my belief, or is it
more likely that he has encountered some hardware problem which just
coincides with what he had done yesterday ? He had taken the laptop to
Best Buy about 2 weeks ago to fix a hardware problem and what occurred
this morning sounds ot me as if the problem he previously had with his
hardware may have reoccured.

Of course I realize that without visiting him and looking at what he is
describing as happening over the phone, I can not know what is wrong
with his computer, but I though I would ask here anyway to see if anyone
has experienced a virus that can be triggered by just surfing to a web site.

Re: Virus from web surfing


| I was at a friend's house yesterday with a number of other people and he
| was surfing the web at one point when a virus protection program on his
| laptop, called Webroot, warned him from entering a web site. Nonetheless
| he entered the web site, did not download anything from that site, and
| this morning is having problems with booting his computer. I talked to
| him on the phone and when he described the problem to me ( he is not
| very computer savvy ), he said he was getting an error about the hard
| disk not being found on bootup.

| I am pretty computer experienced and I did not think that merely going
| to a website can introduce a virus onto a system without actual
| executing some file on that system. Am I naive about my belief, or is it
| more likely that he has encountered some hardware problem which just
| coincides with what he had done yesterday ? He had taken the laptop to
| Best Buy about 2 weeks ago to fix a hardware problem and what occurred
| this morning sounds ot me as if the problem he previously had with his
| hardware may have reoccured.

| Of course I realize that without visiting him and looking at what he is
| describing as happening over the phone, I can not know what is wrong
| with his computer, but I though I would ask here anyway to see if anyone
| has experienced a virus that can be triggered by just surfing to a web site.


Probably a coincidence and has a CMOS battery problem.
Help him make sure the CMOS recognizies that a hard disk is recognized etc.

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Virus from web surfing

Per FromTheRafters:
Quoted text here. Click to load it


-)
--
PeteCresswell

Re: Virus from web surfing

On Sun, 02 Jan 2011 11:56:32 -0500, Edward Diener wrote:

Quoted text here. Click to load it

I'm not commenting on Webroot or what's "likely" in this specific
situation. But I'd like to update your terminology and conceptual
understanding of how web sites work. Whenever you "enter" or "go to" a
web site, you are downloading "stuff". Especially if scripts are enabled
but even if not, you are downloading potentially dozens of files of
various types, which are then "interpreted" by software on your system.
You would like to think of them as only "data" and not "executable", but
the fact is that many of them have an executable aspect to them.
(Javascript is part of most web pages and is most definitely
"executable". Disabling it helps, but isn't fool-proof, and most people
don't even do that.) If local software, such as the OS or the browser or
other helper software like Acrobat Reader or image renderers, etc., has a
vulnerability and the downloaded files take advantage of that
vulnerability, then you can definitely be infected. It does NOT require
explicit "actual executing some file". A lot of previously reported
malware is in this category. Keeping your OS and other programs up to
date should eliminate previously discovered vulnerabilities, but not
newly discovered ones (so-called zero-day). And anti-virus software
generally does not protect against zero-day attacks.

Re: Virus from web surfing

Per default:
Quoted text here. Click to load it

That one made it to my "keepers" file.

Thanks!
--
PeteCresswell

Re: Virus from web surfing

On 1/2/2011 6:09 PM, default wrote:
Quoted text here. Click to load it

I understand about scripts being downloaded and running on the client
side and I understand that if Javascript does something on the client
side as it runs it can theoretically change something on the client
computer. But as a programmer myself I have never heard or seen of any
ability which Javascript has to actually access the client computer's
hardware or file system. While some Javascript release in a browser
could have a bug in it which allowed such intrusion I would strongly
imagine that this would have been fixed and that every browser one uses,
if one keeps the browser up-to-date, will pick up such a fix. Of course
my friend could have been using an old version of a browser running some
early version of Javascript which allowed a hacker to subvert his
system. But my gut feeling is that Javascript has been gone over by so
many people down through the years to stop such an intrusion that is it
unlikely that some virus occurred from running it on the client side.
However, I am willing to listen to those who tell me otherwise.

I admit to not disabling Javascript myself as plenty of web sites that
rely on it will no longer work properly. But then again I am pretty
careful where I surf on the Internet, unlike my friend who is much more
of a novice.

I agree that if other software involved in rendering a web page or its
images have a vulnerability, that is a place hackers will attack.

The upshot for my friend is that he took his laptop back to Best Buy and
they told him his hard drive stopped working. Since he bought it from
Best Buy originally, and since my view of Best Buy is that they sell
cheap and easily breakable computer hardware ( unfortunately my friend
does not know about New Egg etc. ) I think they just sold him a  cheap
system, which worked nice for a short while but now he has started a
cycle of paying for who knows what will break down next.

Re: Virus from web surfing

Edward Diener wrote:
[...]

Quoted text here. Click to load it

It only takes minutes for your browser version to become *old* in this
sense.

Quoted text here. Click to load it

Javascript should be "well behaved" by now, but can be used maliciously.
I'm only mentioning misbehaving software.

http://www.microsoft.com/technet/security/advisory/2488013.mspx

Re: Virus from web surfing

On 1/2/2011 10:26 PM, FromTheRafters wrote:
Quoted text here. Click to load it

Agreed. But the major browsers all must have a pretty good security team
involved with their development so that any possible exploits are
carefully examined with each release.

Quoted text here. Click to load it

Good link. Thanks !

I am aware that there are web sites out there which may have malware
trying to infect an end-user's computer through a browser vulnerability,
else one would not see updates from the major browsers to close possible
security holes. I admit I am probably naive in not realizing the effort
that can be made by such sites to exploit such vulnerabilities.

I guess I was skeptical that this happened to my friend because,
although I do not know the exact web site he went to which Webroot
warned him against, I was told by him that other people he knew said
they had surfed that sight without problems of their own. I also react
pretty quickly on my own if I ever see a web site that suggests it is
trying to convince me that something is wrong with my computer with
ridiculous displays of so-called scans of my files and other attempts to
scare me.

Re: Virus from web surfing

Edward Diener wrote:
Quoted text here. Click to load it

Some of these 'bad website detectors' are alerting to the scareware crap
that you just mentioned (it is malware after all). I sometimes download
the executable and submit it to the online file submission scanners just
in case it is new and may need to be exposed to the anti-malware
community. You can visit such a site, get an alert, then visit it later
and not detect anything (because 'this time' there is no malware there).
It's kind of a hit or miss situation.

Too bad the drive failed, you could see if Webroot logged the event
otherwise.

Re: Virus from web surfing

default wrote:
Quoted text here. Click to load it

I'm thinking the OP already knows this, but thanks for the nice post for
completeness' sake. If the OP were to look up the recent IE exploit
vector, he may begin to understand how such malware can be foisted via
webpage content.


Site Timeline