Full Disclosure mailing list archives
Re: Facebook seems to think my Arch Linux box has malware on it
From: Sebastian Rakowski <seb3255 () gmail com>
Date: Fri, 20 Jan 2012 14:05:25 -0800
Appears legit. https://www.facebook.com/help/?faq=292760454081612 -Sebastian On Fri, Jan 20, 2012 at 1:29 PM, Gage Bystrom <themadichib0d () gmail com>wrote:
Yeah good luck with reproducing it cause it REALLY sounds like a mitm or a phishing attack trying to get people to download fake av. I would do a dns lookup and then compare those results to that of a public web service, and save the links for the AVs to check if they have any malicious history associated with them. On Jan 20, 2012 1:21 PM, "Wesley Kerfoot" <wjak56 () gmail com> wrote:It turns out that it was a problem with firefox. However, I do not believe I had any malicious addons or extensions for a few reasons. 1) I only had 4 extensions, adblock plus, pentadactyl, firebug, and noscript. 2) they were all vetted (presumably) by mozilla. I believe, and this is simply speculation, that the problem may have been caused by noscript stopping/interfering with some scripts on facebook. Facebook would assume it was malware interfering with the site, and attempt to block it. I am 99% sure my browser was not really compromised. I'm going to try and reproduce it later. On 19 January 2012 22:57, Byron Sonne <byron.sonne () gmail com> wrote:Hello,“Your computer has malware!” Facebook says to me.I am really curious to know, assuming that everything you've said is accurate, how they determine you've got malware. This is rather curious. The more I think about it, the more I wonder if something's come between you and facebook pretending to be official, hoping to trick you into downloading something. Cheers -- freebyron.org_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Facebook seems to think my Arch Linux box has malware on it, (continued)
- Re: Facebook seems to think my Arch Linux box has malware on it Dan Dart (Jan 20)
- Re: Facebook seems to think my Arch Linux box has malware on it xD 0x41 (Jan 20)
- Re: Facebook seems to think my Arch Linux box has malware on it james (Jan 20)
- Re: Facebook seems to think my Arch Linux box has malware on it Gage Bystrom (Jan 20)
- Re: Facebook seems to think my Arch Linux box has malware on it James Condron (Jan 20)
- Re: Facebook seems to think my Arch Linux box has malware on it adam (Jan 20)
- Re: Facebook seems to think my Arch Linux box has malware on it Gage Bystrom (Jan 20)
- Re: Facebook seems to think my Arch Linux box has malware on it GloW - XD (Jan 20)
- Re: Facebook seems to think my Arch Linux box has malware on it adam (Jan 20)
- Re: Facebook seems to think my Arch Linux box has malware on it xD 0x41 (Jan 20)
- Re: Facebook seems to think my Arch Linux box has malware on it Sebastian Rakowski (Jan 23)
- Re: Facebook seems to think my Arch Linux box has malware on it Nikolay Kichukov (Jan 21)