Network tracking: Who is behind the scenes of malicious bomb windows (1)

Source: Internet
Author: User
Keywords Malicious ads Network tracking
A pop-up window triggers a tracking "look at Taobao," I let my wife opened the Wang Wang, recently in addition to the interval to clean up Taobao warehouse baby, usually I have rarely opened Wang Wang. Ask for the interface still shows "login", the screen flashes, a new browser window appears, content ... It seems to be a car trading site "online auto Market", I think perhaps want to do advertising it, I do not care about it. Home study, in the summer of July, the temperature is not low, and then love the computer I also do not want to stay there, but the wife insists on surfing the internet to see some RTHK TV dramas. "What a nuisance, again this advertisement, I said our machine is not poisoned?" The wife casually said, apparently she was referring to the auto market website (Figure 1). 498) this.width=498 ' OnMouseWheel = ' javascript:return big (This) ' height=375 alt= network tracking: Who is behind the scenes frequent malicious bomb Windows 1 src= "/files/ Uploadimg/20080122/1002510.jpg "width=500>" Why say again? The wife's words caught my attention, from the description of the phenomenon of the wife, I can generally judge that the "online market" advertising window is often accompanied by Ali, usually it appears only 1 or 2 times a day, seems to be very regular. Will Ali do this kind of ad? I remain skeptical that my system has a virus? As a computer expert in the eyes of my wife, I have to give a reasonable explanation, and I would like to know the truth ... So, a track around the exception pop-up window to start ... A suspect number one suspect: Network operators clues: Alipay customer Service response to the experience, the General pop-up window, either a malicious virus caused, or the web site or software itself pop-up ads. Where should we start? It's not too early, I decided to collect some valuable information to do some preparation for the next day's detailed investigation. I also opened Taobao station, in the Wang Wang related websites and customer service forum to browse. I found out from the forum that I was not alone in encountering this pop-up ad, and that many users were different, and my intuition told me that it might not be as simple as I had imagined. Just as I was gathering information on the forum, a post made my eyes bright. A netizen posted a post to ask "Why login Alipay will appear an online automobile market advertisement ...", a user claiming to pay treasure customer reply "This is not by Alipay pop-up, is the local network operators pop-up ads." A suspect denies a suspect the method of investigation: The phone did not think that they just want to collect some information, but found that the suspect's clue, it is too easy, too people do not have a sense of achievement, but tonight's work is not white do, you can sleep at ease, tomorrow morning call to confirm theOK. The next day I get up early, one to work time to dial the Henan Jiaozuo netcom customer service 10060, the following is the dialogue. Me: Hello, when I Ali, I always pop up an online auto market website. "Customer service:" Hello, please check your system is infected with virus, please upgrade your anti-virus software virus library for system detection. "I:" checked, confirmed no virus. Is your netcom inserting ads? Customer Service: "We will never modify the user's Internet access information to insert ads." "It seems that the more easily the clues, the more unreliable, for the time being can be ruled out a suspect." Will look to suspect number second suspect second: malicious virus clues: the virus will be in the Poisoned System pop-up advertising window to enhance the site traffic Taobao said it is not their own problem, the network operators in the first time to deny this behavior, that will not appear to promote the site for the purpose of the malicious virus? I listed the malicious virus as suspect number second. In general, a virus that aims to maliciously promote a website, will be in the poisoned system frequently pop-up advertisement window, in order to achieve the goal of enhancing the website traffic, and this Wang Wang pop-up window has similar counter characteristics, it maintains in 1, 2 times a day frequency, gives the person's feeling is does not want to cause the user's aversion, It doesn't look like a virus or Trojan horse. However, I used a variety of tools to find malicious programs in the system, check IE's add-in, and the result of the check: my system is very normal. Suspect number second thoroughly clear suspected second suspects to eliminate the means: to build a clean environment, although the initial suspicion of malicious virus, but in order to be prudent, I would like to make further exclusion. To further substantiate my judgment, I established three pure system environments. A environment: Install the original XP SP2 Professional Edition, through the official automatic update to the day, anti-virus software selected McAfee Enterprise Edition, and set strict rules. B Environment: Install genuine authorized WindowsServer2008 RC0 Simplified Enterprise Edition, enable advanced Security firewall rules, antivirus select NOD32 simplified version, and update to the latest virus library. C Environment: Install Ubuntu7.10 version, the default use of Firefox browser. A few days to test down, the results of a, B, c all appear abnormal network advertising window, confirmed the exclusion of second suspects. 1 2 Next >> view full-text navigation page 1th: A pop-up window triggers a trace. Page 2nd: Website or software itself: Web tracking: Who in the background of the Malicious bomb window (1) Return to the network security home

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.