FelidraEoL-Veteran Upping the guild post count
Joined: 25 Apr 2007 Posts: 3058
|
re: Security: Trojan advert on Wowhead, Thottbot and Allakhazam
by Felidra on 2008/03/11 6:23
For those who haven't seen it yet,
The following was posted on http://worldofraids.com recently;
Quote: |
Security Warning: Trojan virus on Wowhead, Thotbott & Allakhazam
There is currently a trojan virus spreading trough advertisements on Wowhead, Thottbot and Allakhazam. The advert will appear in the form of a browser highjack which grabs your front window and resizes it to fake a warning dialog.
The Wowhead team is already aware of this problem and they are trying to fix it, but it seems more difficult than intended, so they might remove advertisements completely until the issue is found.
Until then, you should consider using a different database site or add some protections to your browser (such as Noscript).
|
See more at http://boards.worldofraids.com/topic-11536-1.html
If you're not using Firefox with the NoScript addon and an advertisement blocker already (or anything more obscure with those two things added to it), consider this a warning. Many hack attempts on your account waltz in through insecure (Microsoft) software products with default security settings. Taking simple measures like switching browsers to something less mainstream and turning off known security plagues like Javascript (which is what Noscript does, but then selectively) and advertisements is the minimum you can do to protect yourself.
We've seen what a hacked account can do to people - and trust me, you don't want that.
As an aside, it will also make your browsing experience much better..
_________________ ●██████████▄▄▄▄▄▄▄ --=When in doubt =--
▄▅T██A██N██K▅▄▄▃▂
█E█V█E█R█Y█T█H█I█N█G►
◥☼▲⊙▲⊙▲⊙▲⊙▲⊙▲☼◤
|
|
ScorwenEoL-Veteran Initiate chatterbox
Joined: 24 Jul 2007 Posts: 189
|
re: Security: Trojan advert on Wowhead, Thottbot and Allakhazam
by Scorwen on 2008/03/11 7:41
A great chance for the newcomer WOWDB to increase its fanbase.
_________________
|
|
|
re: Security: Trojan advert on Wowhead, Thottbot and Allakhazam
by Saraesa / Liesje on 2008/03/13 13:39
One extra security measure:
Quote: | Yeah that's true, Blizzard takes a while to confirm you really got hacked etc if you report them that.
All you gotta do to prevent that is either: disable scripts from those two ad sites (quantserve yieldmanager), or add these two lines to your hosts file in windows/system32/drivers/etc/ folder:
127.0.0.1 xpantivirus.com
127.0.0.1 ad.yieldmanager.com
This will basically force requests from those two urls to 127.0.0.1 which is localhost, which will result in.. nothing :p
This is actually recommended to be done because the trojan is comming from those two ad networks, and its not only wowhead thats using them. For example, WoWAceUpdater uses yieldmanager too for ads, hence its vulnerable. |
(Quoting Niana here from the SSL forum)
_________________
|
|
|