Porn Virus Holds Browser History at Ransom

[bustapr]

Really animated porn is interesting sometimes because it has a story. Sometimes the story is worth watching, but I stopped watching hentai( a long time ago) when I noticed that literally every video was based on rape. Good thing this virus is out(i cant believe i just said that)

 

[bhaberle]

The article title tricked me. I thought the virus would send an email to everyone showing the porn websites you went to unless given money. lol... that would've been a better trick imo.

 

[jellico]

They have hentai movies about rape in every form you can imagine, not to mention inventing the whole lolicon genre... yet they have lower rates of both sexual violence and child sexual abuse than the U.S. and many European countries. I guess prurient movies and video games DON'T cause deviant behavior afterall.

 

[bdonedge]

[citation][nom]jellico[/nom]A really good way of testing crap that you download from P2P networks (or anywhere else for that matter) is called Sandboxie (www.sandboxie.com). It's free and easy to use. What it does is create a virtual environment in which to run applications. This is great to do if you want to surf pron and other questionable websites which are known to infect your computer just by going there. Because the browser runs in a virtualized memory space, any infection happens in the virtualized environment. Once you close it, the environment goes away along with any malware. If you download something and want to see if it is legit or a virus, you just right-click the install file and select "Run Sandboxed" and it will run the install in a virtualized environment. If you discover that the program is a trojan, you close the sandbox and it all goes away.[/citation]


Can anyone else vouch for this? I feel as though, even though it's a virtual space it still has the ability to linger in the RAM and come back out and attack you.

 

[jellico]

[citation][nom]bdonedge[/nom]Can anyone else vouch for this? I feel as though, even though it's a virtual space it still has the ability to linger in the RAM and come back out and attack you.[/citation]
A virus doesn't work that way. You're trying to equate it with what a biological organism might do. A computer virus is nothing more than a computer program designed to do something malicious and attempt to obfuscate its presense. In the case of a Windows virus, they will infect system files, create copies in various directories and modify the registry to make certain the virus is always loaded in the boot sequence. And then, of course, it will do whatever malicious stuff it was programmed to do (such as steal your browser history and encrypt your music and video files).


A program like Sandboxie sets up a virtual environment in memory. The only thing that comes out is the video output. The virus will enter the virtual environment and attempt to do all of the stuff it was programmed to do. Of course, there are no system files to affect and no registry to modify, so it really can't do much of anything. And, like any other computer program that encounters a condition it doesn't have a response to, it does nothing at all. When the program is closed, the memory allocated for virtualization is released and available for use by the system again. As far as the computer is concerned, that memory is empty, even though data remnants remain. This is just like when you delete a file from your hard drive. And just as your computer doesn't attempt to run anything in an area of your hard drive that it believe is blank, it will not attempt to execute something in an area of memory that is marked as unallocated.

I know that was kind of long, but I hope it addresses your concerns.

 

[bdonedge]

[citation][nom]jellico[/nom]A virus doesn't work that way. You're trying to equate it with what a biological organism might do. A computer virus is nothing more than a computer program designed to do something malicious and attempt to obfuscate its presense. In the case of a Windows virus, they will infect system files, create copies in various directories and modify the registry to make certain the virus is always loaded in the boot sequence. And then, of course, it will do whatever malicious stuff it was programmed to do (such as steal your browser history and encrypt your music and video files).A program like Sandboxie sets up a virtual environment in memory. The only thing that comes out is the video output. The virus will enter the virtual environment and attempt to do all of the stuff it was programmed to do. Of course, there are no system files to affect and no registry to modify, so it really can't do much of anything. And, like any other computer program that encounters a condition it doesn't have a response to, it does nothing at all. When the program is closed, the memory allocated for virtualization is released and available for use by the system again. As far as the computer is concerned, that memory is empty, even though data remnants remain. This is just like when you delete a file from your hard drive. And just as your computer doesn't attempt to run anything in an area of your hard drive that it believe is blank, it will not attempt to execute something in an area of memory that is marked as unallocated.I know that was kind of long, but I hope it addresses your concerns.[/citation]


It does, thank you. I guess I just am failing to understand because there are viruses that sort of take place in the temporary internet files folder and will not be considered "gone" even though you have removed it completely. I just assumed it did the same concept, but that is an interesting program I never thought of that approach. Is there no way for the virus to recognize that the allocated virtual space is indeed a virtual space and not the system?

 

[jellico]

[citation][nom]bdonedge[/nom]It does, thank you. I guess I just am failing to understand because there are viruses that sort of take place in the temporary internet files folder and will not be considered "gone" even though you have removed it completely. I just assumed it did the same concept, but that is an interesting program I never thought of that approach. Is there no way for the virus to recognize that the allocated virtual space is indeed a virtual space and not the system?[/citation]
You have to remember, just because you download an infected file, doesn't mean your system is compromised. Like any computer program, it needs to be executed to do anything. That's why using browser exploits and runtime scripts on porn sites is so effective. The program is being run on your computer, often without your knowledge.

As to your last question, I'm sure a clever programmer could write a virus that could "break out" of a virtualized environment. But viruses are typically make to be as small as possible. The more logic you build into them, the larger they get. Also, people who create and distribute malware are typically going after the low-hanging fruit. There are plenty of people who don't have anti-malware software installed (or updated), so they make easy and convenient targets. Just like the person who puts bars on their windows and doors... a determined burglar could still get it if they wanted to, but why bother when your neighbors have no bars and, look at that, they left a window open.

 

[Guest]

This is exactly what I would have thought of.

 

[jdavide22]

This is hilarious!