So there is a new piece to the puzzle. When I went to log into the Battlelog site… all of a sudden my IE is choked down with a file trying to SAVE and RUN; but IE stopped it and, as I said, almost choked on the popup dialog to SAVE, OPEN, or CANCEL a 50k file being sent from “r(dot)openx(dot)net”; a site/group already involved in DNS exploiting.
Personally I feel it’s just an advanced take on the GhostClick DNS Malware Changer operation but doesn’t involve the ISP at any point. This would leave it very hard to catch, as far as an ISP Security Admin, as it’s not hitting anything but the end user.
Either way, when you use Chrome or FF style browsers… see ya. You don’t get to choose… it doesn’t even show up in logs but your DNS (if not specifically set) is ‘captured’. I only see this capture occur in my hotspot as well, my router still shows it’s fine when I’m on it. But, if it’s END USER only; then I’m probably lucky to catch the change on my Hotspot. It seems things are being designed for the more popular browsers these days, too. Really, how many but me have gone back to IE after noticing the others starting to do some ‘interesting’ things?
…and really; if you were designing malware, wouldn’t you be designing it for the browsers people have just decided are “safer” or even worse, as most feel with Linux, “Bullet Proof”? We all know better, but we all know others that believe the very thing.
You too… I’m checking the article now.
#33rd #piratemafia