pop-up page http://202.177.251.71.11066 gives spurious virus warning on Mac & cannot be closed except by QUIT
While on two public websites (University, Energy Company) yesterday and today a new panel (address above) appeared: "Warning! Your computer contains various signs of viruses and malware presence. Your system requires immediate antivirus check! Antivirus 2010 will perform a quick and free antivirus online checking of your PC", with a highlighted OK button and a clear Cancel one. As I work exclusively in the Mac environment, I have been advised by my University Helpline to ignore such messages, but on clicking Cancel an immediate InstallAntivirus2010.exe.download started and was repeated each time Cancel was clicked. Only by quitting Firefox was this process stopped. PS Not sure how to check for installed plugins? I seem to have silverlight (though know not what it is?). Adobe & the rest seem sensible guesses.
الحل المُختار
This is a known technique for trying to get people to install malicious programs. Antivirus 2010 is one of the known rogue program that if installed displays fake security alerts and tries to get people to but the fix. As you are on a Mac it could not be installed.
The site relies upon JavaScript to display the dialog boxes and prevent you from closing the tab. I use the NoScript add-on which blocks JavaScript on all sites by default, and allows you to specify what sites you trust and allows javaScript on them.
Read this answer in context 👍 3All Replies (6)
الحل المُختار
This is a known technique for trying to get people to install malicious programs. Antivirus 2010 is one of the known rogue program that if installed displays fake security alerts and tries to get people to but the fix. As you are on a Mac it could not be installed.
The site relies upon JavaScript to display the dialog boxes and prevent you from closing the tab. I use the NoScript add-on which blocks JavaScript on all sites by default, and allows you to specify what sites you trust and allows javaScript on them.
Those sites have been hacked so that those pop-up windows appear and try to trick Windows users into downloading the software. Pop-ups rely on Flash and JavaScript to run, so even if you click on Cancel, the file is downloaded, but it has no effect on a Mac.
You should notify the webmasters of those two sites that this is happening and they can remove those items and secure their system so it doesn't happen in the future.
Thanks Tony. Rather than block Java on all sites and then (perhaps) laboriously add it in site by site as needed, is there a way in which I can just block Antivirus 2010 per se as it is the only site to bug me, if you can pardon the pun? Regards Andrew
Thanks Mulder. The Websites will be informed. A
It's not Java that's being used, it's JavaScript, which is entirely different. Those pop-ups are invoked when the page loads, so unless you turn off JavaScript, you can't easily block those from appearing.
The only other option you have is to modify your hosts file to block your system from connecting to the domain that is actually serving up those pop-ups, but you may find it hard to discover that in the code of the web page.
Better to just not visit the site(s) until the webmaster has fixed them and removed that rogue code.
Thanks. Webmasters have been approached. A