These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE General Discussion

 
  • Topic is locked indefinitely.
Previous page12
 

Trojans from EVE Online Browser?
Author
Previous Topic Next Topic
James 315
Experimental Fun Times Corp RELOADED
CODE.
#21 - 2012-08-24 00:05:44 UTC
Private Pineapple wrote:
James 315 wrote:
What kind of websites were you visiting? What?


Does anyone ever know? Everyone pops into shady websites once in a while...

(mostly 9gag/4chan and lottery sites like somerblink, but there were 2 more lottery sites being spammed in jita chat)

9gag? TEST will have your head for that! Shocked

MinerBumping.com
Private Pineapple
Brutor Tribe
Minmatar Republic
#22 - 2012-08-24 00:39:22 UTC
James 315 wrote:
Private Pineapple wrote:
James 315 wrote:
What kind of websites were you visiting? What?


Does anyone ever know? Everyone pops into shady websites once in a while...

(mostly 9gag/4chan and lottery sites like somerblink, but there were 2 more lottery sites being spammed in jita chat)

9gag? TEST will have your head for that! Shocked


Too bad I'm not in TEST. Though they do look like cool people, I've refrained trying to join TEST/Goons since I will be playing GW2 competitively as I used to in the original GW. It's just not respectful to join a large corporation while saying "hey guys in a month i wont be serious about eve for a while".

.
Webvan
All Kill No Skill
#23 - 2012-08-24 02:20:53 UTC  |  Edited by: Webvan
Private Pineapple wrote:
To reiterate, no one has answered my question, which is outlined below:

If you visit a webpage in the IGB (in-game browser) that would otherwise infect you if you were using your regular browser outside of the game, what would happen?

Does your system get infected, or does the virus attempt to infect the EVE Online client to no avail?

Either way if you do get some sort of malware on your computer that is only found in the EVE Online cache, what exactly does that mean? Is it stuck/isolated to the cache itself and is only active when the EVE Online Client is running?

The questions particular to my incident are relevant as well:

If you visit a webpage in the IGB (in-game browser) that injects the trojan in the OP which scans for vulnerabilities, is it scanning the vulnerabilities of your system or the EVE Online client?

I think the answers to such questions could be educational to everyone who reads this thread, including CCP. I'm sure their security guys will get a kick out of this.
scanning your port or ports for access vulnerabilities. Firewall = on. EVE connects through a port. Your web browser connects through a port. Doesn't matter the port, just the software accessing it. Game browser is a browser, same as the next, just coded with the game client, runs in memory. If it has vulnerabilities then it shouldn't be any different than having your regular browser compromised, gaining access through your port to the system. You don't use a game browser to browse, only visit very trusted sites ...and even those can be iffy if they get compromised such as through ad banners or whatnot.

I'm in it for the money

Ctrl+Alt+Shift+F12
Private Pineapple
Brutor Tribe
Minmatar Republic
#24 - 2012-08-24 15:08:51 UTC
Webvan wrote:
Private Pineapple wrote:
To reiterate, no one has answered my question, which is outlined below:

If you visit a webpage in the IGB (in-game browser) that would otherwise infect you if you were using your regular browser outside of the game, what would happen?

Does your system get infected, or does the virus attempt to infect the EVE Online client to no avail?

Either way if you do get some sort of malware on your computer that is only found in the EVE Online cache, what exactly does that mean? Is it stuck/isolated to the cache itself and is only active when the EVE Online Client is running?

The questions particular to my incident are relevant as well:

If you visit a webpage in the IGB (in-game browser) that injects the trojan in the OP which scans for vulnerabilities, is it scanning the vulnerabilities of your system or the EVE Online client?

I think the answers to such questions could be educational to everyone who reads this thread, including CCP. I'm sure their security guys will get a kick out of this.
scanning your port or ports for access vulnerabilities. Firewall = on. EVE connects through a port. Your web browser connects through a port. Doesn't matter the port, just the software accessing it. Game browser is a browser, same as the next, just coded with the game client, runs in memory. If it has vulnerabilities then it shouldn't be any different than having your regular browser compromised, gaining access through your port to the system. You don't use a game browser to browse, only visit very trusted sites ...and even those can be iffy if they get compromised such as through ad banners or whatnot.


Mmk

.
Gerald Taric
NEO DYNAMICS
#25 - 2012-08-24 15:43:59 UTC
Nagamor wrote:
Word of Advice from an IT Guy. Get better antivirus.

Word from another IT-Guy: Disable JavaScript wherever possible! An Antivirus scanner alway lies behind the current developement state of viruses.

Yesterday i got a JS-Trojan Warning from Kaspersky Antivirus by just visiting a battleclinic site. Luckily JS was disabled in my browser.

With JavaScript very much nice things can be established, but it's also a huge security issue. Everytime, everywhere.
oldbutfeelingyoung
Perkone
Caldari State
#26 - 2012-08-24 18:03:11 UTC
Private Pineapple wrote:
So I was just doing my dail... monthly virus scan and surprise surprise I had a trojan on my computer. I was anxious to see what it was since I've never been infected with anything that actually did something to me yet. I was sad to find out that this was yet again another threat that doesn't actually threat me.

But.

This got interesting. Look where the trojan is from (picture link): http://i.imgur.com/PjxbI.jpg

So basically... I visited some site on the EVE Online browser which had a dirty javascript blackhole that infected me. Fortunately, only bad things happen to me if and only if I go back to the site again.

But that makes things interesting because then what would happen if I did? I'm not exactly sure how the EVE Online browser works in relation to your actual system. If I visited the site again, what exactly could happen? Would my system be infected, or would they be trying to interact with the EVE Online client itself?

The way I'm viewing this is the hole in the js doesn't matter to me since it's trapped in the EVE Online cache, but a more network security savvy person (or someone who knows more about how the EVE Online cache/browser could interact with the actual system running it) could clear me up on this.

EDIT: I'm wrong. The blackhole in the javascript is supposed to open up a gateway in any one or more vulnerabilities my computer may have due to installed software which allows an attacker to get into my computer. However my general question still stands, does this even work through the EVE Online cache? I'm not quite sure if they were viewing the vulnerabilities of the EVE Online client or my computer.



they can,t make you walk in stations in a game engine ,they invented themselves .
whats making you think they can change the in game browser

R.S.I2014
Kilastria Mog'oran
Imperial Academy
Amarr Empire
#27 - 2012-08-24 21:22:41 UTC
Private Pineapple wrote:
I visited some...dirty javascript blackhole that infected me.


Try penicillin.
Dog Biscuit
Doomheim
#28 - 2012-08-29 17:32:50 UTC
ISD put em there
Previous page12