Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Prevent Hostile Popup / Hijacking

  • 10 replies
  • 9 have this problem
  • 2 views
  • Last reply by ooPheix1

more options

Every now and then I come across a website that will open a dialog, prompting user action, while keeping the user trapped on the site. Closing the tab or the browser is prevented. As none of the sites I frequent need this function, I'd like to know if it is possible to deactivate this function.

Here's an example of such a hostile website: manualupdatenotification.com

All Replies (10)

more options

Use AdBlockPlus to block most pop-ups. Alternatively, if you know the URL of these websites, open C:\Windows\System32\Drivers\etc\hosts (or /etc/hosts, in UNIX/Linux) and add a new entry, matching those websites to 127.0.0.1, so they can't be accessed.

The entry would look like this: 127.0.0.1 www.manualupdatenotification.com

Modified by mattcamp

more options

Thank you for your reply. AdBlockPlus is already installed on my system, but it will not prevent this issue. Manually adding URLs to reroute them to localhost seems like an option, but only works after the attack has occured. Is there on other way from preventing this? Allowing a website to block the entire browser, locking the user in a loop, seems like something that should be prevented.

more options

I found this add-on.

I never used it specifically, but it should address your issue.

more options

mattcamp said

I found this add-on. I never used it specifically, but it should address your issue.

Thank you very much for you reply. It seems to be a usefull tool, but does not solve my problem. The sites I'm refering to, completely lock all access to anything within the browser. You can't close the tab, you can't close the browser, neither right-click or access any menu options. Adding the site to the blacklist of the recommended plugin requires right-clicking. Even closing FF via the task manager, will have the tab open when FF restarts. When you disable restoring tabs, one no longer has the URL to add to the blocker.

I'm not sure if I explained this well enough, but these hostile sites open what seems to be a windows dialog, completely disabling any of the browsers functions. The only way I found to manage this, is to write down the URL and add it to the list of blocked sites, in this case of my antivirus software. Depending on how complex the URL is, this can be a real pain.

The only soloution I'm aware of is disabling Java-Script - but so many sites and services still rely on JS.

Here's an artcle on the matter by ZDnet: 'Modal Dialogs"

Modified by monokoi

more options

Please follow  : https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware and https://www.malwarebytes.com/adwcleaner/ and https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/

Would it not be best to do a whois lookup and report the sites also. Put the sites into your firewall also.

If you run the Trial of Malwarebytes am sure you will buy it to run alongside your A/V & Firewall. Has saved my butt many a time.

Note: there is a Firefox blocker on slow release being tested by some. As to how good or other info no idea. Only know how to remove it due to issues.

Note : there will never be 1 program to solve all the ills out there, will have to use multiple.

Suggest also Having Site ask your permission to use java first. Though that just means they will move to a script so there is no win or silver bullet.

Please let us know if this solved your issue or if need further assistance.

Modified by Shadow110

more options

monokoi said

Every now and then I come across a website that will open a dialog, prompting user action, while keeping the user trapped on the site. Closing the tab or the browser is prevented.

Could you be a bit more specific about this 'user action'  ? Are you told to call a phone number  ? Do you get an 'authentication request'  ?

more options

Pkshadow said

Please follow  : https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware and https://www.malwarebytes.com/adwcleaner/ and https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/ Would it not be best to do a whois lookup and report the sites also. Put the sites into your firewall also. If you run the Trial of Malwarebytes am sure you will buy it to run alongside your A/V & Firewall. Has saved my butt many a time. Note: there is a Firefox blocker on slow release being tested by some. As to how good or other info no idea. Only know how to remove it due to issues. Note : there will never be 1 program to solve all the ills out there, will have to use multiple. Suggest also Having Site ask your permission to use java first. Though that just means they will move to a script so there is no win or silver bullet. Please let us know if this solved your issue or if need further assistance.

Thank you for your reply. An infection is not my issue and FF runs fine. I agree Malwarebytes is a good tool for users that have allowed malware to be installed on their system.

Running a WhoIs query will most likely yield suboptimal results, I don't expect them to register their URL properly. A Whois query for the site mentioned above returns a registar on the Bahamas. (Internet Domain Service BS Corp) After a bit of research, it seems many spammers, torrent sites and malware distributors use their service. I'll give them notice and see what comes of it.

Having sites ask for JS permission could be a temporary soloution. Is this a setting within the options of FF (about:config)?

Happy112 said

monokoi said
Every now and then I come across a website that will open a dialog, prompting user action, while keeping the user trapped on the site. Closing the tab or the browser is prevented.

Could you be a bit more specific about this 'user action'  ? Are you told to call a phone number  ? Do you get an 'authentication request'  ?

Thank you for your reply. For this example there are two open dialogs, one requesting the 'resending of data' and the second one a login/pwd prompt. (I've linked the site in the first post.) There's a followup page that will take FF to fullscreen mode prompting the user to allow the installation of a false 'Firefox Update'.

I'm looking for a soloution on how to prevent from JS calling such dialogs in general, without haveing to disable JS alltogether. The blocker mentioned by @PkShoadow sounds interesting in this regard.

more options

You can also look at uBlock Origin as a replacement for Adblock Plus.

more options

I run Malwarbytes paid version which runs fine with my Norton Security A/V and Firewall. Malwarebytes updates constantly as does Norton with Revocation lists and Whitelists.

It is very nice when I go and click on a link that is bad I get blocked by the program. Malwarbytes does not say why, Norton has a Page that does.

Now there is another way but some ISP's do not take kindly when some things get blocked. May have to edit lists. There is https://www.iblocklist.com/ free and subscribe to add to programs that support the ability to do this. I used to run Peerblock and add lists to it by copy links.

You may want to follow up on this idea of using Iblock lists in maybe a more current program or find a firewall that will let you import the lists.

Please let us know if this solved your issue or if need further assistance.

more options

As a fighter against spam i see hundreds of new registered domains daily used for spamming and distributing malware. Using blacklists is not really good solution to fix this problem.

A better solution would be to use the Firefox build in protection that already exists for the javascript alert() function and extend it to http auth, form resend and other dialog boxes that could block the whole window.