Protection from Ad Malware
#1
With the recent ad-malware infecting TBP and dropping the Cerber locker onto visitors computers. I'm wondering what people are doing to protect themselves from these types of attacks?

This isn't something peculiar to TPB, nor is it a common occurrence but the outcome is devastating. The obvious solution is to block all ads but that starves TPB of a very needed income stream, though. So I'm asking........

Without blocking advertisements. What steps do people take to protect themselves from ad-malware?
Reply
#2
Although it is not exactly what you are asking I would point out that I (and I believe all other TPB staff) strongly recommend the use of ad blockers when browsing the web in general (including TPB).

Anyone who fails to install an ad blocker is a fool.
Reply
#3
(May 01, 2016, 05:24 am) pid=\141148' Wrote:Although it is not exactly what you are asking I would point out that I (and I believe all other TPB staff) strongly recommend the use of ad blockers when browsing the web in general (including TPB).

Anyone who fails to install an ad blocker is a fool.

In principle; I agree. But many people even though they do have adblockers, also disable or white list sites - the three main reasons being:

  1. They don't want to starve the site of revenue - passive financial support.
  2. They trust the site owners to not serve them malware and don't care about adverts.
  3. They rust the site owners and want the adverts.

What makes these attacks so insidious is that it bypasses the site operators to directly target the viewers.

The sort of thing I'm after is like the following.........

Every windows computer I have ever owned always gets the following modifications from the default setup.

  1. Autpolay is disabled. This prevents 99% of USB automated infections. (Yes I still infected if I execute them but at least I get the chance to inspect it first)
  2. Visual basic scripts are not set to run when opened. This prevents many  of the malicious ad-ware droppers or email attachments being able to force or trick you into downloading their executable or collecting email addresses.
Reply
#4
That is exactly what I mean by foolish.

Ads don't come from site owners they come from third parties and, particularly in the case of torrent sites, those third parties are NEVER reputable. The MAFIAA attacks any legitimate site which attempts to serve any torrent site, with the result that the ads served via torrent sites only ever come from the dodgiest of sources.

The nature of the ads themselves should be enough to let anyone know that they aren't the sort of things you want to be seeing let alone trusting.

Most ad income is based on clicks, not mere impressions. Either way, the amounts are miniscule. So the "passive financial support" you are providing amounts to no more than best wishes, which are not worth the risk you expose yourself to. If you really want to support a site, donate.
Reply
#5
(May 01, 2016, 17:26 pm) pid=\141190' Wrote:That is exactly what I mean by foolish.

Ads don't come from site owners they come from third parties and, particularly in the case of torrent sites, those third parties are NEVER reputable. The MAFIAA attacks any legitimate site which attempts to serve any torrent site, with the result that the ads served via torrent sites only ever come from the dodgiest of sources.

The nature of the ads themselves should be enough to let anyone know that they aren't the sort of things you want to be seeing let alone trusting.

Most ad income is based on clicks, not mere impressions. Either way, the amounts are miniscule. So the "passive financial support" you are providing amounts to no more than best wishes, which are not worth the risk you expose yourself to. If you really want to support a site, donate.

I don't really want to get into the victim blaming, the evils of JavaScript or ad-block as a panacea  Just as I disable virus scanning when I copy large numbers of files around so that it doesn't take 10 hours; people do disable their ad-block for a number of reasons and add them to their white-lists. 

Given that it is the case, I have given an example that make doing that a little less risky (not risk free) and am interested if others have any similar things that they do (defense in depth.)  
Reply
#6
(May 01, 2016, 17:26 pm) pid=\141190' Wrote:That is exactly what I mean by foolish.

Ads don't come from site owners they come from third parties and, particularly in the case of torrent sites, those third parties are NEVER reputable. The MAFIAA attacks any legitimate site which attempts to serve any torrent site, with the result that the ads served via torrent sites only ever come from the dodgiest of sources.

The nature of the ads themselves should be enough to let anyone know that they aren't the sort of things you want to be seeing let alone trusting.

Most ad income is based on clicks, not mere impressions. Either way, the amounts are miniscule. So the "passive financial support" you are providing amounts to no more than best wishes, which are not worth the risk you expose yourself to. If you really want to support a site, donate.

Awesome comment such appropriated good sir. If a site becomes really annoying and popups keep appearing everywhere which adblocker would u recommend. I never use adblocker on tpb I want to support the developers.

Sincerely

Varysboy
Reply
#7
varysboy Wrote:I never use adblocker on tpb I want to support the developers.

You should always, always, always use adblock - regardless of what site you're visiting. Viewing ads on TPB doesn't support the devs at all, that's crazy. If you're not using adblock, you're asking for trouble. Enable it right now and don't disable it for anybody.
Reply
#8
(Jun 03, 2016, 05:55 am)Spud17 Wrote:
varysboy Wrote:I never use adblocker on tpb I want to support the developers.

You should always, always, always use adblock - regardless of what site you're visiting. Viewing ads on TPB doesn't support the devs at all, that's crazy. If you're not using adblock, you're asking for trouble. Enable it right now and don't disable it for anybody.

I do use adblocker plus good sir what are your interests do u believe in ufo and aliens and the  coverup of jfk?
Reply
#9
(Jun 03, 2016, 07:49 am)varysboy Wrote:
(Jun 03, 2016, 05:55 am)Spud17 Wrote:
varysboy Wrote:I never use adblocker on tpb I want to support the developers.

You should always, always, always use adblock - regardless of what site you're visiting. Viewing ads on TPB doesn't support the devs at all, that's crazy. If you're not using adblock, you're asking for trouble. Enable it right now and don't disable it for anybody.

I do use adblocker plus good sir what are your interests do u believe in ufo and aliens and the  coverup of jfk?

Sites that want You to disable adblockers are like torrent uploaders that tell You to disable Your antivirus to install a Game or Program App. Ain't neither one gonna happen. I'm never going to read anything posted on Forbes, and I'm going to remove from quarantine any "Patches" I see are safe.

With Chrome or F-Fox You should have ublock as well as adblock plus. Adblock for IE well just doesn't work as well and there's no ublock extension available, so running Malwarebytes Premium is a must have. The dodgiest sites also attempt Canvas Fingerprinting, so unless You use Tor, it's a good idea to install blocking extensions for that too.

Ads are bundles in "Blocks" so sometimes it's hard for a Site to run down exactly which ads are the Bad ones. Add the fact that the Malvertisers now upload crap that won't run every time a page is visited, only when certain triggers are met, then that makes it even harder for Site Admins to find and remove them.

TPB does a Great Job of removing Malvertising as soon as they're are made aware of it unlike some other sites. If You see something in the ublock logs or with Malwarebytes blocks, report the Page and Time. I keep the snipping tool pinned to my taskbar for that purpose.
Reply
#10
varysboy Wrote:what are your interests do u believe in ufo and aliens and the  coverup of jfk?

What the fuck dude, are you high on glue?

This thread is not about ufo's or john frigging kennedy. Nor is it the place to ask others what their interests are.

Read the FAQ and give your head a really good shake before you post again, and when you do post, stay on topic.
Reply




Users browsing this thread: 2 Guest(s)