5 replies to this topic

[VashonDude]

I found this ad at a website (411mania.com) I go to frequently. If you put the cursor anywhere on the ad (top part of picture), a dialog box (bottom part of picture) shows up. Fortunately IE plugin won't install if you click on Cancel. Have there been known cases where something can install just by placing your cursor on an ad?

-- LB

Attached Files

•  IE_plugin_ad_and_box.jpg   23.6KB   44 downloads

[Misereor]

It's called a mouseover, and if you have scripting enabled in Internet Explorer it can do anything a mouseclick can.
(As far as hyperlinks are concerned.)

[ChaoGuy]

The banner itself I recently searched is Intelligent Explorer, that is likly the maker of the toolbar also, and it is best to block or put the Toolbar URL on the restricted sites list because I found it is using other domains to prevent the Restricted sites issue that most spyware is still getting around, just a heads up guys.

also trying to find it on the View Source thing is usless it's code is hidden from view.

If you guys are also concerned on it here is the URL on this virant, http://securityrespo...e.ieplugin.html

Edited by ChaoGuy, 11 June 2004 - 01:43 AM.

[Tuxedo Jack]

Yeah, Flingstone tried this on animelyrics.com a while back. It doesn't work if you turn off Javascript.

[nl255]

There is a toolbar that automatically installs just by visiting a website. The I-lookup trojan bar installs by using unpatched security holes in MSIE.

[Misereor]

A quick correction to what Tuxedo Jack said. (No offense.)
Just about any kind of web-scripting will enable mouseovers, not just Javascript.

Scripting can also try to execute files (such as installing a BHO), but unless it utilizes a security flaw, you will be prompted for an accept.

Edited by Misereor, 14 June 2004 - 07:30 AM.