Pirate Bay visitors infected with crypto-ransomware via bad ads
>According to security firm Malwarebytes, the chief threats behind the attack on Pirate Bay users were the Magnitude exploit kit and a relatively new ransomware subscription service, Cerber.
>Ransomware attackers have been on a month-long malvertising rampage, targeting visitors to numerous porn and torrent sites to lead them to the Magnitude exploit kit.
>The attack tool chiefly exploits vulnerable browsers and Adobe's Flash Player plugin, and has of late been delivering the Cerber ransomware.
Source: http://www.zdnet.com/article/pirate-bay-visitors-infected-with-crypto-ransomware-via-bad-ads/
>having Flash installed
>having windows installed
>>54337624
this desu senpai
I'm using Windows 7, firefox and I have flash installed
I also went to the pirate bay about an hour ago
If shit hits the fan I will post it here from my laptop so you can all point and laugh
which browsers and which versions
>>54337701
thanks, i'll be expecting you in the catalog in two days.
>>54337701
You know PirateBay was complicit, so just don't go there again, m'kay.
>>54337701
>not having flash run only on confirmed sites
>>54337705
This
Can't find any info on this and the only screenshots are from IE
>>54337717
>You know PirateBay was complicit
Wut
>>54337736
They desperately need to pay their lawyer and court fees.
If you allow ads on torrent sites you're a fool
>crypto-ransomware
gee billy that sure does sound scary
>mfw winxp without any anti-virus
>mfw browse with a mac user-agent everywhere I go
>mfw if a malware pops it will be specifically crafted for mac and just not work
Feels good man. I only miss flash for xvideos but I just use jdowloader when the urge is too high.
>>54337763
>Firefox
Jesus fucking Christ
>>54337759
believing that will work, kek
>>54337624
>>54337647
Yeah, I have OS X, no viruses for me.
>>54337763
I just use my android tablet.
>>54337781
>pop up
>do you want to download mackeeper.dmg
>windows can't run this file
>get angry_virus.exe
>format and reinstall
>nothing of value was lost
Do you fags really store important data on the same computer/network you 4chin/torrent/whatever on a daily basis?
>>54337844
Yeah senpai
>>54337763
>xvideos but I just use jdowloader
shoutout to youtube-dl. great CLI video downloading, works on all major porn sites too.
>>54337624
>Linux
What is the alternative for having flash installed?
>>54337877
is that easy to use? easier thatn jdownloader?
>>54337892
Not having Flash installed.
>>54337877
youtube-dl doesn't support nearly as much porn sites though
>>54337892
Having it installed but requiring it to ask for permission before running, and never selecting "Always allow"
>>54337925
I hate how Firefox does it.
dwb's simple click to enable is much better.
>>54337892
html5
>>54337909
>>54337581
>flash
every single day until you uninstall it
>>54337892
What sites do you need flash for?
>>54337906
open up terminal, type "youtube-dl $YOUR_VIDEO_URL" then it downloads the vid into your current folder.
>>54338007
so not as ez as jdownloader, huh
>not having adblock
>not having noscript
if you don't use this you are retarded, this even prevents scripts from exploiting flash, ransomware only affects tech illiterates and normies.
Nothing to worry about since who the fuck even browses dodgy porn sites/pirate bay out of all fucking things.
>>54338021
youre seriously pathetic if you cant even do that
>>54338290
i can, but why should i?
if it is not as ez as what i am doing now, why change?
damn mane, you hella crazy
>>54338073
Adblock + umatrix better
>mfw use ublock origin + chrome + windows 10
>used pirate bay with these "bad ads"
come at me faggots
>using windows
>having flash enabled
>not using adblock
all of that stupid
>>54338338
>windows 10
you already have malware installed
>>54338000
youtube
>>54338290
>can't
>don't want to
I understand that in your life those two are the same thing, but that is not the case for majority of population.
>2016
>using piratebay
>>54338357
rekt
>>54338378
No you don't
>>54338420
The HTML5 player sucks.
>>54338400
I haven't used torrents from outside of /t/ in ages, what's the best torrent site now?
>>54338428
How? Works fine for me.
>>54338435
Some autistic private tracker shit.
>>54338435
public? kickass i guess
private trackers are infinitely better though
>>54337581
>retards infected via ads
>mfw
>>54337581
>>having Flash installed
>ad networks even getting past lookup
>you don't use the firewall or hosts file to block ad networks
>not even using js adblock plugins
What the fuck are you doing, son?
>idiots saying that this is the fault of Windows
No it isn't. If you can break Flash as a cross-platform exploit, you can break all sorts of client side systems.
But then you have to actually have the client download your malware from the ad network.
This is why blocking ads is a good thing.
I use Linux for every setup I can. I am under no impression that I am invulnerable. Not since I was able to run the Bagle worm in Wine.
>this is only a problem with torrent and porn sites
Hahahahahahaha....
Even Investor Village got hit with malvertising.
>>54338435
Kickass
Rutracker is also good for flac sometimes
>>54338428
Mpv doesn't
>>54338515
Which I normally use unless I need some youtube features like annotations.
>>54338378
1. youtube has a HTML5 player that works out of the box on all major browsers
2. youtube is supported by ‘mpv’, ‘VLC’ and probably also ‘MPC-HC’ etc. just fine, which has the added plus of actually being real media players rather than some hacked-together flash shit that judders, stutters, bands and saturates like crazy.
>Flash-based randsomware
So no public reverse engineering videos and notes then?
>>54337581
This sort of reporting disgusts me. Every time an article talks about malware infections it should specify the exact vector, AND ACKNOWLEDGE THIS WON'T HAPPEN TO YOU IF YOU DIDNT CHANGE DEFAULT BROWSER SETTINGS TO FULL RETARD.
Jesus fuck...
In order for this to work you need to have flash enabled by default, not run an adblocker and not have a real-time antivirus. It only fucks up retards, nothing to see here folks.
>>54337701
Set Flash to "Ask to activate" you fucking mouthbreather.
>>54337581
you think thats bad?
the guardian once forbade everyone on their site if they used an adblocker.
for not even a day.
because the if people disabled their adblockers they got infected with malware, browser hijackers and crypto ransomware from the fucking guardian through their ads.
>>54337581
The Apple MacBook Pro with Retina Display doesn't have this problem.
>>54338974
Most people have Flash enabled by default and doesn't use an adblocker.
>>54337581
>According to security firm Malwarebytes
It's like they are paid industry shills pushing "PIRACY IS DANGEROUS" meme.
>>54337783
Fuckoff shill
>>54337729
>only screenshots are from IE
CUCCKED AGAIN, WINCUCCKS
>>54339683
Flash doesn't come pre-installed, though. Everyone and their mom installs it anyway. Because they're stupid. Flash is completely unnessecary in $CURRENT_YEAR
>>54337844
900gb of carefully picked JAVs cant go away like this Anon. Its my legacy to my unborn son
>>54337581
>Not having backup.
>Torrenting on Windows
>Torrenting on windows without a sandbox
>>54337783
Except HIV, you homo :^)
>>54337890
>drake posting
>Windows user
I think suicide is the best cause of action
Help me out here. I'm a tech retard. What needs to happen for this thing to install itself? Just browse the page with adds showing and with flash active on your browser? Is that enough for it to download itself? Or do you get redirected to a site where you download a fake file (game of thrones.exe)?
Just browsing (with retard settings) can get this stuff on your computer?
>running web browser in a sandbox
>uBlock origin installed
>running anti-virus
>important shit is backed up to external drives
>already know that The Pirate Bay has been compromised for the past year or two
Ya'll niggas done goofed
>>54341701
>Is that enough for it to download itself?
I think so, yes. Yes, Flash is THAT shitty.
>>54338974
>not have a real-time antivirus
b-but muh common sense
I'm not visiting shady sides and downloading hot_girl.jpg.exe! so how could I ever get infected?
>>54340320
But I'm not Debian user anon :^)
Was 21.0.0.213 vulnerable?
>>54342689
>Is [any version of Flash] vulnerable?
Yes. The answer is always yes.
>>54337581
>Get crypto'd
>Grab external
>Reinstall everything to clean state within 30 minutes
It's not like i lost anything of value...
>>54337581
I just keep my flash player constantly out of date so it always forces me to allow it if I want to watch something and then I have ublock.
So far so good.
Ah yes, that sweet Angler exploit kit
Cerber even plays audio when it infects your system, pic related
>>54338428
It does but it's the best player youtube has had. At the worst it's as shitty as the Flash player so you may as well use it.
>>54337725
how?
I want to do this, I only use flash for /f/
Smh fäm. Glad Apple killed Flash. Porn sites should switch to HTML5. It's fucking 2016 people!
>flash
>ads
>flash ads
damn, that takes me back
>>54343487
why not just use "open with" and add a menu entry to open the swf links with flash projector? (the standalone version of flash)
>>54338357
Kek, it's the only OS with anti spying tools like peer block and spybot Anti Beacon. Linux and Mac don't have that, making them huge honeypot OSes.
Enjoy the NSA looking at your data.
>>54337581
>not having some kind of adblocker in the year 2016
You deserve everything you get.
