Browser got stuck on spam page. Malicious website or virus?

Eug

Lifer
Mar 11, 2000
23,376
800
126


I was surfing failblog.org when suddenly the above page showed up. I couldn't close the page. Finally I had to use Task Manager to kill it.

I did a brief search and some sites claim it is adware and has to be removed, but they seem to promote specific apps, so I'm thinking they may actually be ads in disguise to promote those adware removal apps.

Other pages suggest they are just from malicious webpages, which I'm inclined to believe. I don't have third party virus checkers installed but I do have Windows Defender. I know it's not the best, but in any case it doesn't seem to detect anything. I tried both a quick scan and a full scan.

So, is this a virus, adware, or simply a malicious website?

BTW, this is on Windows 10 with Chrome.
 

bruceb

Diamond Member
Aug 20, 2004
8,874
111
106
Had a similar thing happen a few weeks ago. Just opened task manager and killed Firefox ... No issues
 

taisingera

Golden Member
Dec 27, 2005
1,138
35
91
I've had that happen in Firefox 2 times, and I just kill Firefox if possible, if not I just shut the computer down, maybe do a virus scan when booting back up just in case. But I know this is some scam, I've even had the one that talks and says 'Your computer has a virus'.
 

Dahak

Diamond Member
Mar 2, 2000
3,752
25
91
I've seen this across all the various browsers, chrome, ie, firefox. Usually its just either the website that they visited or the ad network that the website used.
I usually just kill the browser process and all is normally good.

If it happens very frequently, then a malware scan is the next step, but its just usually that one time and may not happen again for ages
 

corkyg

Elite Member | Peripherals
Super Moderator
Mar 4, 2000
27,370
238
106
Some websites have a propensity to install PUPs. Those can be found and treated as malware by MBAM Premium. The easy fix is to not go to such sites. Site Smart is the web equivalent of Street Smart.
 

Elixer

Lifer
May 7, 2002
10,376
762
126
I was surfing failblog.org when suddenly the above page showed up. I couldn't close the page. Finally I had to use Task Manager to kill it.

I did a brief search and some sites claim it is adware and has to be removed, but they seem to promote specific apps, so I'm thinking they may actually be ads in disguise to promote those adware removal apps.

Other pages suggest they are just from malicious webpages, which I'm inclined to believe. I don't have third party virus checkers installed but I do have Windows Defender. I know it's not the best, but in any case it doesn't seem to detect anything. I tried both a quick scan and a full scan.

So, is this a virus, adware, or simply a malicious website?

BTW, this is on Windows 10 with Chrome.
That is usually from ads from a hacked ad server. Those can use exploits to install crap on your machine.
As of right now... https://www.virustotal.com/en/url/b8df01c03def95cd3b04ffe0a98e00fc0987d260b6233c822d79184766bdc7ed/analysis/1480974561/

The sure fire way to stop this (or any site) from harming your main system is to use a VM (virtual machine) and just blow it away every night.
 

Eug

Lifer
Mar 11, 2000
23,376
800
126
Hmmm... maybe another reason to use an ad blocker. The only issue is that some sites have compatibility issues with ad blockers and a few sites intentionally refuse to load if ad blockers are active. Forbes comes to mind.
 

Elixer

Lifer
May 7, 2002
10,376
762
126
"Millions exposed to malvertising that hid attack code in banner pixels"
http://arstechnica.com/security/2016/12/millions-exposed-to-malvertising-that-hid-attack-code-in-banner-pixels/

The malicious script is concealed in the alpha channel that defines the transparency of pixels, making it extremely difficult for even sharp-eyed ad networks to detect. After verifying that the targeted browser isn't running in a virtual machine or connected to other types of security software often used to detect attacks, the script redirects the browser to a site that hosts three exploits for now-patched Adobe Flash vulnerabilities.
With Javascript blocked, you can't get infected with ad/banner attacks, it is as simple as that.
But, that don't stop you from getting infected from browser exploits.

This is why a VM is the way to go. :)
 

Ketchup

Elite Member
Sep 1, 2002
14,523
227
106
This thing is hitting most of the people I know and a lot of them are older and very upset by it. I do hope someone gets a handle on how to block this thing. We were at my parents' the other night and I actually saw it for the first time on one of their computers. It pulled up a separate page that looked just like an MS page and had audio. I almost wish I had saved it, but it wasn't worth the time.
 

Puffnstuff

Lifer
Mar 9, 2005
15,625
4,393
136
Before I was using Malwarebytes premium I would see browser hijacks from time to time like that. I'd still run a deep scan to see if any still exist on your system and clean them off, set your browsers so no third party app can change your settings and run antivirus along with a anti-malware program. I tried webroot once and it didn't do so well which is how I ended up with Malwarebytes.
 

Iron Woode

Elite Member
Super Moderator
Oct 10, 1999
30,132
11,245
136
I use Palemoon with No-Script add-on and that stops those types of adware from annoying me. The page will pop up but won't do anything.
 

ASK THE COMMUNITY