Geek.com visitors attacked by DIY exploit kit
Technology news and reviews site Geek.com was recently hit by an attack that redirected visitors to malicious websites that attempted to install malware on their computers, researchers from zScaler said. Feature articles on the website, in addition to its home page and “about us” page, contained invisible iframes that downloaded …
This topic is closed for new posts.
Question on NoScript
Let's say I had NoScript to only allow scripts on Geek.com website, would I have been vulnerable to this attack? Or would I have had to block Geek.com as well? Thanks.
JavaScript
NoScript would block the javascript that contained the exploit code.
Sandbox the web-browser
Users need to learn to sandbox their web-browser for general day-to-day use. Companies also need to encourage staff to do this.
Re: Sandbox the web-browser
Ok, on a site called geek.com, users might be expected to understand what Sandboxing is, but for most people the response would be "WTF is Sandboxing? I go to the site in IE I click on stuff, pages come up, what's the problem?"
Doesn't surprise me
A number of years ago I bought 3 digital frames from them, when mounting them on a VM within ubuntu they were all found to infected with a trojan. Geeks are not the most responsible of vendors IMO.
This topic is closed for new posts.
