Jump to content
animats

Ad-based attack on Second Life

Recommended Posts

secondlifead.png.9a8e83d9e23710af1128cbc5115a4190.png

This is an ad on Bing. Sometimes the top search result for "second life". Don't go there. This is what happens.

 

attack01.thumb.png.0fc9b5b904aced6431664b9a011a8419.png

That's where the link goes. It's supposed to look like a Windows desktop and asks for your user name and password. This is on Linux, so that's not very convincing. If you had the browser in full-screen mode on Windows, it might be convincing.

It's really hard to get rid of this page. It has something that uses huge amounts of memory.

Edited by animats
  • Sad 1

Share this post


Link to post
Share on other sites

It's not just an attack on Second Life. Other searches, such as "Firefox bug" lead to the same place.

Share this post


Link to post
Share on other sites
32 minutes ago, Nova Convair said:

This is so old - but here and there there is still someone that panics.

It was supposedly fixed in Firefox 63, but no. The problem is that the "Authentication required" message in Firefox is a modal dialog - you can't do anything else in that window until it's dismissed.  If you dismiss it, it pops up again. This prevents clicking on the "Stop it" button. The attack page uses as much memory as possible to force the system to swap to disk and run very slowly.

Sent Firefox a bug report. Firefox is supposed to be able to deal with that.

Edited by animats

Share this post


Link to post
Share on other sites

I've noticed this issue when using bing and trying to find a few SL links for the marketplace.  I end up dropping back to google or yahoo to find the right path at times,  I'm pretty good with search engines bing drives me bonkers though at times.

Share this post


Link to post
Share on other sites

It's been reported to Bing, and disappeared from search quickly. The attack site was hosted, briefly, on Digital Ocean, but it's down there. Reported to Firefox as a bug; the anti-DOS measures Firefox takes didn't work right.

  • Like 2
  • Thanks 1

Share this post


Link to post
Share on other sites
4 hours ago, animats said:

It's been reported to Bing, and disappeared from search quickly. The attack site was hosted, briefly, on Digital Ocean, but it's down there. Reported to Firefox as a bug; the anti-DOS measures Firefox takes didn't work right.

Thanks for not just putting up with that stuff.  Reporting it is good.

Share this post


Link to post
Share on other sites
On 2/17/2020 at 2:19 PM, animats said:

secondlifead.png.9a8e83d9e23710af1128cbc5115a4190.png

look at the url before clicking the search result. if it doesnt say secondlife.com it is most likely a phishing/harmware site. These kind of sites are made for alot of legit services like world of warcraft and minecraft. so its not just limited to SL.
The one posted here looks like the old windows tech scam. Made to look like your PC just got infected, give you a number to call, the scammer fools you more into thinking your pc is badly infected then says he can fix it for a fee. But all the scammer did was get you to install teamviewer, open console and type in some random stuff made to freak out people.
Its all over YouTube of how the scam works.

Good that this one posted has been reported but remember this isnt the only one aimed at click batting second life searches.

Google search has a better system to filter out phishing sites but always check the url in the green text before clicking, if it looks like a scam it probably is.

Edited by VenKellie
  • Like 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...