Skip to main content

Two Popup Windows, On A Blog, Is Malware

If there is anything more obnoxious than the FaceBook "Like my blog!" popup window, it's a FaceBook "Like my blog!" window, preceded by a generic popup window.

It's possible that a blog which starts with two popup windows, one followed by a second, represents a blog owner who honestly wants people to enjoy her (his) blog. Even so, a blog that starts out this way is going to present a security analysis challenge, at best.

Seeing the growing popularity of the FaceBook popup (among blog owners, anyway), it's possible that the security scanning processes will, eventually, find a way to bypass the FaceBook code, and continue scanning. This may avoid some spurious malware classifications - if FaceBook developers can find a way to certify a genuine FaceBook popup.

Generic popup windows, on the other hand, need to be dealt with, sternly.

Every IT security consultant, with any experience, has seen the well known advice
Your computer may be infected with xxxxxxx malware. Download yyyyyyy remedy to remove xxxxxxx! OK to install?
That is a generic popup window. In this example, "xxxxxxx" is non existent - the install of "yyyyyyy" is merely the start to installing the "zzzzzzz" botnet member software.

Generic popup windows are suspicious.

Seeing a generic popup window, almost all security scanning processes are going to go into immediate threat detection status. Any blog, hosting a generic popup, should be immediately quarantined - so it can be scanned, through several levels of links, for a malware payload which surely hides somewhere.

A generic popup window, followed by a second popup, is even more suspicious.

Any blog which hosts a generic popup window, followed immediately by a FaceBook "Like my blog!" popup window, must be regarded with even more suspicion. It does not take any amount of paranoia (a mindset normal for all IT security professionals) to imagine a devious malware producer releasing his (her) own bogus FaceBook popup - with a little extra code added.

The generic popup window, preceding a bogus "FaceBook" popup, is then used as a "false flag" device, designed to confuse the security scanning software - so the malware delivered by the bogus FaceBook popup will be ignored.

The two popup windows, one after the other, may conceal malware installation.

Seeing the growing popularity of the FaceBook popup, surely there are malware vendors out there, planning just that technique, to deliver their product - if not already done.

Any blog owner, who adds both popups to her (his) blog needs to expect to receive a locked blog - followed by a locked Blogger account, as a devious / non repentant malware publisher.

Comments

Popular posts from this blog

Stats Components Are Significant, In Their Own Context

One popular Stats related accessory, which displays pageview information to the public, is the "Popular Posts" gadget.

Popular Posts identifies from 1 to 10 of the most popular posts in the blog, by comparing Stats pageview counts. Optional parts of the display of each post are a snippet of text, and an ever popular thumbnail photo.

Like many Stats features, blog owners have found imaginative uses for "Popular Posts" - and overlook the limitations of the gadget. Both the dynamic nature of Stats, and the timing of the various pageview count recalculations, create confusion, when Popular Posts is examined.

Leave Comments Here

Like any blogger, I appreciate polite comments, when they are relevant to the blog, and posted to the relevant article in the right blog. If you want to ask me a question thats relevant to blogging, but you can't find the right post to start with (I haven't written about everything blogger related, yet, nor the way things are going I don't expect to either), ask your questions here, or leave an entry in my guestbook.

As noted above, please note my commenting policy. If you post a comment to this post, I will probably treat it as a "Contact Me" post. If you have an issue that's relevant to any technical issue in the blog, please leave a comment on the specific post, not here. This post is for general comments, and for non posted contact to me.

If the form below does not work for you, check your third party cookies setting!

For actual technical issues, note that peer support in Blogger Help Forum: Something Is Broken, or Nitecruzr Dot Net - Blogging is, almos…

What's The URL Of My Blog?

We see the plea for help, periodicallyI need the URL of my blog, so I can give it to my friends. Help!Who's buried in Grant's Tomb, after all?No Chuck, be polite.OK, OK. The title of this blog is "The Real Blogger Status", and the title of this post is "What's The URL Of My Blog?".