 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Medical Forum / Diseases and Disorders / Arthritis / April 2005OTP - Caution for those with teens - nasty website
I was looking for song lyrics last night and I ran across a very nasty website called Lyricspy. As soon as I went on to the site it attempted to guide me into overriding my active X controls and down load a plug in. It would not allow me to close any windows and kept insisting I had to agree to a download. I gave it the 3 fingered salute (alt control delete) and shut down IE. I re-opened IE and attempted to add the site to my restricted zone. I had not opened the site, but immediately SP2 popped up a warning and asked if I wanted to add lyricspy to my Trusted sites! This happened twice. If it was added to trusted sites it would automatically download the malware, spyware crap. I got around this by using a wildcard (* instead of www) That is not the only bag of tricks for this crappy site it also affects Firefox!!!!! It will attempt to load javascript that will cause IE to load the crap spyware. This blog explains what happens: http://www.edbott.com/weblog/archives/000562.html The screen shots were taken of the lyricspy website. So take note! IE users add it to your restricted zone click on Tools, intenet options, security, restricted zone, restricted sites. Add the site using *.lyricspy.com. Set your restricted zone to shut everything down you can do that by checking custom level and disabling everything. This site will load trojans and give you x rated pop ups (see the blog above for a description). This site shows up in a Google search close to the top so it is fairly easy to run into if you are doing an MP3 or lyric search. Especially appealing to teens. While you are looking at your security settings in IE take a look at what is in your trusted sites. Any site in your trusted sites can download automatically. I would keep that clear of any websites. There is a security patch for this vulnerability on the firefox site. So Firefox users you are not immune, make sure your browser is secure and download the patch! What a garbage site! -- MZ Visit my website: http://www.mzuschlag.com > I was looking for song lyrics last night and I ran across a very nasty > website called Lyricspy. As soon as I went on to the site it [quoted text clipped - 32 lines] > Visit my website: > http://www.mzuschlag.com I have no problem viewing this site with mozilla 1.7.5 on either Fedora Core 3 or Windows XP Home SP2. I simply do not accept the certificates and do not permit the java to run. I can't be sure how malicious the site is without letting it do something, but I never let these sites do anything anyway. Cheers, Ari  Signaturespammage trappage: replace fishies_ with yahoo I'm going to die rather sooner than I'd like. I tried to protect my neighbours from crime, and became the victim of it. Complications in hospital following this resulted in a serious illness. I now need a bone marrow transplant. Many people around the world are waiting for a marrow transplant, too. Please volunteer to be a marrow donor: http://www.abmdr.org.au/ http://www.marrow.org/ >> I was looking for song lyrics last night and I ran across a very nasty >> website called Lyricspy. As soon as I went on to the site it [quoted text clipped - 40 lines] > > Ari As a followup, it looks like even if you don't allow the java to run it is still downloaded to your computer in a .zip file. Within this archive is a virus! It can't execute unless you let it, but if you've been to that site you might as well do a full system scan and quarantine the .zip file with the virus. Cheers, Ari Signaturespammage trappage: replace fishies_ with yahoo I'm going to die rather sooner than I'd like. I tried to protect my neighbours from crime, and became the victim of it. Complications in hospital following this resulted in a serious illness. I now need a bone marrow transplant. Many people around the world are waiting for a marrow transplant, too. Please volunteer to be a marrow donor: http://www.abmdr.org.au/ http://www.marrow.org/ > I was looking for song lyrics last night and I ran across a very nasty > website called Lyricspy. As soon as I went on to the site it [quoted text clipped - 11 lines] > cause IE to load the crap spyware. This blog explains what happens: > http://www.edbott.com/weblog/archives/000562.html Here's a simple analogy to explain the problem further... Imagine you get a new hold-all, with a well recommended lock on it. Useful huh? Ok, so then you leave it in a house with cheap doors, crap locks, and several open windows and a delivery hatch around the back that anybody could climb in through. How secure is your hold-all now? FireFox can only be as secure as the weakest part of the OS its installed on, and with Windows, this means Windows. ANY system that allow remote control/installs by default is NOT SECURABLE!!! > The screen shots were taken of the lyricspy website. So take note! > IE users add it to your restricted zone click on Tools, intenet [quoted text clipped - 5 lines] > Google search close to the top so it is fairly easy to run into if you > are doing an MP3 or lyric search. Especially appealing to teens. Boring as it may seem, I had no problem with this site. Wanna know why? I DON'T have a powerful JAVA engine waiting for fly-traps like this to recruit it. I DON'T swallow that fiction about "trusted sites". NO site can be trusted. NONE! (That, and I don't run M$ software ;) If you rely on others to secure your system with a promise and a "click here", you've already lost the game. Its only a matter of time. In fact, you may already be running a zombie and not know it. (Which is what you'd expect huh? 8) > While you are looking at your security settings in IE take a look at > what is in your trusted sites. Any site in your trusted sites can > download automatically. I would keep that clear of any websites. Once again, THERE IS NO SUCH THING AS A TRUSTWORTHY SITE. The very concept induces the idea that there is, and this is not good for your sytem. It makes YOU the biggest security risk by fooling you into thinking that there ever could be. > There is a security patch for this vulnerability on the firefox site. > So Firefox users you are not immune, make sure your browser is secure > and download the patch! What a garbage site! -- MZ There are even better "patches" here... www.Slackware.com www.Vectorlinux.com www.OpenBSD.org ;) Signature--------------------------- Another squeaking wheel @ http//tinyurl.com/6bf56 Mike's Brain @ http://tinyurl.com/4872c Have a nice day, it really does do you good! :) --------------------------- |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.