Is P M subject to Adrozek?
Forum rules
This General Discussion board is meant for topics that are still relevant to Pale Moon, web browsers, browser tech, UXP applications, and related, but don't have a more fitting board available.
Please stick to the relevance of this forum here, which focuses on everything around the Pale Moon project and its user community. "Random" subjects don't belong here, and should be posted in the Off-Topic board.
- TwoTankAmin
- Keeps coming back
- Posts: 777
- Joined: 2014-07-23, 13:56
- Location: New York
Is P M subject to Adrozek?
The title says it all.
From PC mag online - December 11, 2020
https://www.pcmag.com/news/microsoft-warns-adrozek-malware-is-infecting-thousands-of-pcs-to-insert
Thanks for any info on this.
“No one has ever become poor by giving.” Anonymous
“Everyone is entitled to his own opinion, but not to his own facts.” Daniel Patrick Moynihan
"The good thing about science is that it’s true whether or not you believe in it." Neil DeGrasse Tyson
Re: Is P M subject to Adrozek?
No.
The extension part is a Chrome WebExtension. That (and the fact that there's apparently no proper security to prevent silent installation of them?) is the only reason it can target multiple browsers from a single malware installer.
Of course it's a bad idea to run randomly-named programs that somehow made it onto your PC.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Is P M subject to Adrozek?
So the webex is drive-by installed and downloads and runs "setup__.exe" or whatever?
Good thing drive-by isn't possible here.
Though, we should keep an eye on any new submissions or updates to extensions. I wouldn't doubt one of the enemy agents might be stupid enough to try to submit something then shove an update with instructions to download and execute a payload down the AUS pipe.
Or try and turn an extension developer to their cause to create a spectacle. Though this would be extremely traceable and all parties would be identified unlike the people behind the webex version.
If users are concerned about that you can turn off updates to extensions and vet them yourself. But I seriously doubt that the originators targeting the Google Axis Powers are interested in us.
Re: Is P M subject to Adrozek?
New Tobin Paradigm wrote: ↑2020-12-12, 19:48
So the webex is drive-by installed and downloads and runs "setup__.exe" or whatever?
No, it's an .exe installer to begin with and it installs webextensions into various browsers (that is apparently not guarded against with a registry or whatnot like we have).
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Is P M subject to Adrozek?
Ah I see.. I thought webextensions couldn't be "sideloaded" without allowing it first and also that they have a permission system etc.
Re: Is P M subject to Adrozek?
New Tobin Paradigm wrote: ↑2020-12-12, 20:12
Ah I see.. I thought webextensions couldn't be "sideloaded" without allowing it first and also that they have a permission system etc.
I haven't really read too much about it so I don't know the minute details, but apparently the exe is able to rewrite the permission file to allow the installation of the webextension.
I think (again, didn't read the details) this is possible because some browsers install into directories that are always writable by the user (like AppData) and thus the malware can edit anything, including the permission-related file(s) used for extension control.
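For readers who want to check a profile themselves, here is an added example (not part of the thread, and not code from Pale Moon or any browser vendor) that inventories the extension records in a Chromium-style JSON preference file and flags entries not recorded as coming from the web store. The `extensions.settings` layout and the `location` / `from_webstore` fields are Chromium conventions assumed here, and the sample data is constructed.

```python
import json

# Chromium ManifestLocation values meaning "did not come through the store UI".
SIDELOAD_LOCATIONS = {
    2: "external pref file",
    3: "external registry entry",
    4: "unpacked directory",
    8: "command line",
}
COMPONENT_LOCATIONS = {5, 10}  # extensions shipped with the browser itself


def audit_extensions(prefs_text):
    """Return (extension_id, name, reasons) for entries worth a manual look.

    Any process that can write this file can also forge these fields, so an
    empty result is an inventory, not proof that the profile is clean.
    """
    prefs = json.loads(prefs_text)
    settings = prefs.get("extensions", {}).get("settings", {})
    findings = []
    for ext_id, entry in sorted(settings.items()):
        location = entry.get("location")
        if location in COMPONENT_LOCATIONS:
            continue
        reasons = []
        if location in SIDELOAD_LOCATIONS:
            reasons.append("installed via " + SIDELOAD_LOCATIONS[location])
        if not entry.get("from_webstore", False):
            reasons.append("not recorded as from the web store")
        if reasons:
            name = entry.get("manifest", {}).get("name", "<no manifest>")
            findings.append((ext_id, name, reasons))
    return findings


# Constructed sample: the IDs and names below are made up for illustration.
SAMPLE_PREFS = json.dumps({"extensions": {"settings": {
    "a" * 32: {"location": 1, "from_webstore": True,
               "manifest": {"name": "Store Extension"}},
    "b" * 32: {"location": 4, "from_webstore": False,
               "manifest": {"name": "Sideloaded Extension"}},
    "c" * 32: {"location": 5, "from_webstore": False,
               "manifest": {"name": "Built-in Component"}},
}}})

if __name__ == "__main__":
    for ext_id, name, reasons in audit_extensions(SAMPLE_PREFS):
        print(ext_id, name, "; ".join(reasons))
```

To use it on a real profile, pass the text of the profile's preference file (read with UTF-8 encoding) to `audit_extensions` while the browser is closed.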
Re: Is P M subject to Adrozek?
The bane of storing everything in a .json, I guess?
Either way, if you run malware on your system with admin rights (which is what starts all this) then all bets are off, anyway.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Is P M subject to Adrozek?
True. Hell it could be that this is being so hyped as the first major tangible evidence against having an extension system at all. Also could serve to distract and/or reinforce restrictions under Manifest v3 in the meantime as the plan to kill any extensions could be moved forward.
No one is gonna bother reading beyond the headline let alone understanding the technical facts of the matter anyway.
Regardless, not our problem.. As for OUR extensions, get crackin. Forking is the future and the future starts with you.
- TwoTankAmin
- Keeps coming back
- Posts: 777
- Joined: 2014-07-23, 13:56
- Location: New York
Re: Is P M subject to Adrozek?
Thanks for the info.
My brother is good friends with a high level computer expert and has high level government security clearance. He also helps my bro with his computers. He emailed my bro re Adrozek since my bro runs Windows 10 and uses Chrome and Edge. My bro let me know and I came here. Before I made this thread I did a forum search for "Adrozek" and I got nothing back. (The term does not appear in vanilla's link). So I then posted this thread.
“No one has ever become poor by giving.” Anonymous
“Everyone is entitled to his own opinion, but not to his own facts.” Daniel Patrick Moynihan
"The good thing about science is that it’s true whether or not you believe in it." Neil DeGrasse Tyson