I have two separate pieces of security software that run regularly - Webroot and
ID: 659708 • Letter: I
Question
I have two separate pieces of security software that run regularly - Webroot and Microsoft Security Essentials, and even though neither of these have detected anything is wrong with my computer, every now and then a site that I visit will pop up a "Java" site, which I suspect is fake, which when I close pops up a warning message.
Yesterday, this pop up site forced a "Java" download (again, I suspect this is fake), which I quickly removed and I couldn't close my browser as the warning message would not let me exit. I had to get windows to shut down the browser. I distrust many of these websites that have solutions because Webroot warns on them too (it's a good tactic to be a fake site about a solution to a virus).
Does anyone know about this problem (possibly virus/malware) where a user is forced to download (probably) a fake Java update and how can we get rid of this ourselves (I don't trust links/software anymore, as two of them are already not doing their job)?
Explanation / Answer
This java/flash fake warning stuff seems to be coming from ads being served out as they disappear when AdblockPlus is active. Yes, the page and the download are both malware.
The ad networks seem to start showing fractures in their standards on what they accept for content.
If you're using Chrome, shut off the autodownload feature. It's a holdover from Safari and Apple Webkit from which Chrome was designed and has always been a bad idea from its inception. It will download the executable which leaves you about one step away from installation.