How to infect your Windows PC while browsing the web for free stuff
Do you believe that if you don't download many things from the internet and you use your web browser only for visiting popular websites, you don't need an antivirus solution? Do you think that your personal information can't be stolen by criminals because you can identify dodgy websites without the help of an antivirus? If you do, we have some bad news for you. Web browsers represent one of the most common avenues for malware infections, and data theft occurs on a regular basis on the internet. Only permanent watchfulness and appropriate safety measures can protect you from malicious websites, online thieves, and hackers. In this article, we will walk you through a little experiment in which you can see how easily you can get infected while browsing the web. Hopefully, this experiment will help you learn to be better prepared in the future and know when to run away from malicious websites:
What's our security experiment about?
Our intention is to show you what malicious websites look like and how easy it is for you to get infected or get your data stolen. In order to do that, we first had to set up a virtual machine, on which we installed Windows 10 Pro. Then, we used the Google Chrome web browser to search and visit a range of untrustworthy websites that tend to be popular among internet users. For instance, we visited a few torrent websites, some that offer free online movies, some websites which let you download software for free, sites with video content for adults and regular websites with many ads on them. We clicked on all the places where a user would click if he or she doesn't pay attention and we said yes to everything that was thrown at us, even if the web browser said that we shouldn't visit one place or another. Here's what happened:
1. Clicking Play buttons to get the "action started"
When you're looking for a video on the internet and you want to watch it, you expect to see a big Play button on it. Like on YouTube, right? But not all Play buttons actually play videos. Especially not those you see on websites that promise to let you watch commercial movies or trailers, for free.
Although these websites say everything is free, like all things in life, nothing is truly free. In our little experiment, we were going to find that out soon enough. On the website above, we clicked on a movie and waited for it to load. It looked like this:
There are two Play buttons on it: one is right there on the movie, and the other is the yellow button on the bottom right corner of the movie. It's written in Romanian, but it says "Watch in HD". Regardless of which of the two Play buttons you click, they both lead to a website where you are asked to download a "browser extension" for downloading movies and trailers online. You can see it in the screenshot below, which brings us to the next fake thing that you easily find online: fake browser extensions.
2. Installing fake web browser extensions that let you see movies online, for free
Things were pretty clear: if we wanted to watch trailers or movies for free, we had to install various web browser extensions. The steps were as simple as taking candy from a baby: download, add, open a new tab page. Here's what Google Chrome looked like after visiting a few websites with "free online movies":
We ended up with "no-name" extensions on the top right side of the browser window, a "no-name" toolbar, and a "no-name" homepage. Awesome, isn't it?
We were pretty sure that all these extensions and changes we've made not only destroyed any privacy we could have left on our system, but also infected it with some malware. And all that because we were asked to install these fake extensions by the websites that promised to let us watch movies and trailers, online, for free.
3. Installing the fake Flash Player HD or fake browser plugins
In order to make you download infected files or install malicious browser extensions, or to steal your personal information, some criminals create fake Download links, fake Play buttons and fake websites with "original" content. Many dodgy websites force you to download the now renowned "Flash Player" or some "HD version" of it so that you can view their content. You can see one such example below.
This was a hoax, as it didn't install the real Adobe Flash Player plugin, nor any other kind of plugin. What it did was ask us to install yet another web browser extension. This time, it was about installing an extension for watching TV shows for free. Right...
We were lucky, though, because we ended up with another "fake" browser extension. Many times, these fake Flash Player plugins install ransomware that completely locks your data, or trojans of all kinds.
4. Even trustworthy websites can have malicious Download ads on them
Like the header says, even websites that are trustworthy and should be safe can have malicious ads displayed. The ads you see on famous websites like FileHippo, CNET, Ars Technica, Lifehacker and so on, are not usually regulated by the owners of those websites, but by online ad agencies that are contracted to monetize the content of those websites. For instance, many of the ads on our website - Digital Citizen - are published by Google using their Google AdSense platform. In theory, all the ads should be safe but sometimes they aren't, even if Google has some mechanisms in place to detect and remove malicious ads automatically. Things get worse when websites work with other advertising platforms that don't check their ads for malware, phishing attempts, and other security problems.
For instance, when we visited a website we love - FileHippo.com - one of the ads we saw was offering users an easy way to "get access to their emails". But the truth was that, when we clicked on that ad, we were taken to a new tab where we received a recommendation to download and install an adware web browser extension called originally "New Tab". 🙂
It doesn't matter if a website owner is very well intentioned and tries to use safe advertising platforms. There will always be ads that are malicious in some way for the people that click on them. Malware creators will always find ways to circumvent the checks made by advertisers and fool them into displaying their ads.
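The "no-name" extensions, homepage and "New Tab" adware described in sections 2 to 4 leave traces in each extension's manifest.json. The audit below is an added example, not part of the original article: it assumes Chrome's on-disk layout of `Extensions/<extension id>/<version>/manifest.json` (on Windows, by default under `%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions`), uses a list of "broad" permissions chosen here as a heuristic, and runs on constructed sample data.

```python
import json
import tempfile
from pathlib import Path

# Permissions that let an extension see or change every page the user visits.
BROAD_PERMISSIONS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*",
                     "tabs", "webRequest", "history", "cookies"}

def audit_manifest(manifest: dict) -> list:
    """Return the findings for one parsed manifest.json."""
    findings = []
    if "newtab" in manifest.get("chrome_url_overrides", {}):
        findings.append("replaces the new tab page")
    settings = manifest.get("chrome_settings_overrides", {})
    for key in ("homepage", "search_provider", "startup_pages"):
        if key in settings:
            findings.append(f"overrides browser setting: {key}")
    requested = manifest.get("permissions", []) + manifest.get("host_permissions", [])
    broad = sorted({p for p in requested if isinstance(p, str)} & BROAD_PERMISSIONS)
    if broad:
        findings.append("broad permissions: " + ", ".join(broad))
    return findings

def audit_extensions(extensions_dir: Path) -> dict:
    """Audit every <extension id>/<version>/manifest.json under a profile's Extensions folder."""
    report = {}
    for path in sorted(extensions_dir.glob("*/*/manifest.json")):
        ext_id = path.parent.parent.name
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
            findings = audit_manifest(manifest)
        except (OSError, ValueError, AttributeError, TypeError):
            manifest, findings = {}, ["unreadable manifest.json"]
        if findings:
            report[ext_id] = [f"name: {manifest.get('name', '?')}"] + findings
    return report

def build_sample_profile() -> Path:
    """Constructed sample data: two made-up extensions in Chrome's on-disk layout."""
    root = Path(tempfile.mkdtemp()) / "Extensions"
    samples = {
        "a" * 32: {"name": "New Tab", "version": "1.0", "permissions": ["tabs", "<all_urls>"],
                   "chrome_url_overrides": {"newtab": "tab.html"},
                   "chrome_settings_overrides": {"homepage": "https://search.example/"}},
        "b" * 32: {"name": "Plain Notes", "version": "2.1", "permissions": ["storage"]},
    }
    for ext_id, manifest in samples.items():
        version_dir = root / ext_id / manifest["version"]
        version_dir.mkdir(parents=True)
        (version_dir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root

if __name__ == "__main__":
    print(json.dumps(audit_extensions(build_sample_profile()), indent=2))
```

To check a real profile, pass its Extensions folder to `audit_extensions` and compare the flagged ids with what `chrome://extensions` lists.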
5. The internet is for pr0n, collecting your personal data and more
There are many stats about how much of the internet traffic is used for accessing pornographic content. According to recent stats, one of the biggest websites for this type of content received a total of 23 billion visits in 2016, accumulating a total of nearly 92 billion video views during the year. That's huge!
So yes, we went on and searched the old mighty Google for pr0n: a click here, a click there, and we ended up on websites with tons of adult movies… for any taste, size, and duration :).
We can't post images of these websites here, on Digital Citizen, but we believe that you can trust us when we say that most of them are full of ads. Especially those that provide free content. Unfortunately, on more than a few occasions, these ads led us to pages in which we were asked to fill in more than a few personal details in order to create an online account, pay money, and ultimately match with "available girls" from our region. Cool, right? Except the money taking and the collection of personal information. 🙂
We filled the required personal details with fake data, and we went through with the game. Does anyone wonder what happens with your data on free adult websites? How is it used? Obviously, there's no way of telling and no transparency being offered by many websites.
Apparently, nothing bad happened and, after a few additional steps, we were the proud owners of a website which offered "exclusive" adult movies for watching in HD quality! 🙂 That's all very nice, but you should've seen the number of ads on that website. It was humongous! And, as you'll see at the end of this experiment, at least some of these ads were used for distributing malware. Which brings us to another example of how you can get infected while browsing the web.
6. Ads can take you straight to phishing scams and ransomware
One of the ads we clicked on while having "fun" on adult websites took us to a site which kept on opening the same dialog window about viruses being found on our system, over and over again. Setting Google Chrome to "prevent this page from creating additional dialogues" had no effect and, to top it all… the website also began speaking. It kept on repeating a message about a critical alert from Microsoft which made the aforementioned company block and disable our machine because it damaged their network… And that was because the computer (in fact our virtual machine) was supposedly "infected with virus and spyware" which already had stolen credit card details, email and Facebook account logins and photos stored on it. Optimistic, isn't it? 🙂
The only solution this website said we had was to call a toll-free support phone number. The truth is that yes, we had just got infected with a ransomware virus, but calling that support number was only going to make things worse.
If you do stumble upon something like this, don't phone anyone you don't know. The best thing you can do is to power off your PC and run a good antivirus as soon as possible.
7. Getting everything for free from P2P torrent websites has a cost
A huge portion of the internet traffic is used for torrents and downloading "free content" from P2P websites. How many of you have downloaded software, movies, or games using torrents? How many of you found viruses inside the files you got from the torrent websites? We bet there are many.
Also, there are many users who download pirated content online and don't even take some basic precautions like installing an antivirus on their computers. After all, there's no antivirus bugging them to stop, no money to pay for the stuff they download and nothing can stop them when they enter the torrent download frenzy. Not to mention the fact that even if you do get to download the software, movies, music or anything else from a torrent website, the process of getting there is an adventure by itself.
We, for instance, tried to find some anime movies on such a torrent site. We didn't even get to write the name of the movie we wanted in the search field before three new tabs were automatically opened. And they were filled with ads for online gambling and shopping. The results we got were not even all related to the movie that we wanted - some were adult films.
After downloading torrents for a while in our virtual machine, it was already showing signs of weariness. It worked harder, yet it felt slower. Until one moment when both the mouse and the keyboard got stuck and nothing seemed to work anymore. This was the moment when we felt we had to stop our experiment. If the virtual machine had a voice and a talent for singing, we bet that it would have sung this song right now:
The end is nigh… or is it just a new beginning?
Before we started this little experiment of ours, we installed Bitdefender Total Security 2017 on our virtual machine and used it to run a full system scan. Everything was fine at that point and there was no malware to be found. Then, we removed Bitdefender and started our experiment of carelessly browsing the web on the websites that we described in this article.
When the experiment was almost over, we reinstalled Bitdefender's antivirus product and used it to run a full system scan. During our experiment, we managed not only to fill our virtual machine with adware, we also managed to get it infected with trojans and, what's even worse, with ransomware. Below are the results of Bitdefender's full system scan. Keep in mind that these viruses were found after the real-time protection got rid of a few others, during Bitdefender's installation and update process.
How did you infect your Windows computer while browsing the web?
Our experiment was meant to make you aware of what the cybercriminals have prepared for you on the internet. If you don't think, go to popular online destinations where you can get lots of stuff for free, and click carelessly on ads that are meant to trick you or on Play buttons that don't really play the content that you want to watch, you will become a victim of cybercriminals in just a couple of minutes. It literally takes less than 5 minutes to get in trouble. If you have your own horror stories that you want to share, don't hesitate to leave a comment below. We are curious how you got your computer infected and what happened.