Jump to content

Can you get malware by simply visiting websites?

hardtofindinthefuture
 Share
Posted

Just wondering if i visit shady lookin sites like for example(shady sites, north Korean websites etc) Can i possibly get malware if nothing is actually visibly downloaded?

 

Thanks!

Best of myself(1000th post)

 

Vista

Core i5-8400

8GB DDR4

GTX 1050ti

1TB 7200RPM HDD
MSI H310M PRO-VD

EVGA 450BT

Cooler Master masterbox lite 3.1

Arctic Cat

Core 2 quad q8200

8GB DDR2 ECC

GTX 550ti

1TB 7200RPM HDD

Dell precision t3400 motherboard

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Yes, it's what is called a drive-by attack. They pretty much require Javascript, though browsers are highly sandboxed now so it's hard to get a virus that way to be honest unless you're going to REALLY sketchy sites, which if you are I would suggest doing that in an isolated VM.

[Out-of-date] Want to learn how to make your own custom Windows 10 image?

 

Desktop: AMD R9 3900X | ASUS ROG Strix X570-F | Radeon RX 5700 XT | EVGA GTX 1080 SC | 32GB Trident Z Neo 3600MHz | 1TB 970 EVO | 256GB 840 EVO | 960GB Corsair Force LE | EVGA G2 850W | Phanteks P400S

Laptop: Intel M-5Y10c | Intel HD Graphics | 8GB RAM | 250GB Micron SSD | Asus UX305FA

Server 01: Intel Xeon D 1541 | ASRock Rack D1541D4I-2L2T | 32GB Hynix ECC DDR4 | 4x8TB Western Digital HDDs | 32TB Raw 16TB Usable

Server 02: Intel i7 7700K | Gigabye Z170N Gaming5 | 16GB Trident Z 3200MHz

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
Just now, 2FA said:

REALLY sketchy sites

what would be the standard for that..

Best of myself(1000th post)

 

Vista

Core i5-8400

8GB DDR4

GTX 1050ti

1TB 7200RPM HDD
MSI H310M PRO-VD

EVGA 450BT

Cooler Master masterbox lite 3.1

Arctic Cat

Core 2 quad q8200

8GB DDR2 ECC

GTX 550ti

1TB 7200RPM HDD

Dell precision t3400 motherboard

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
Just now, v0nn_toaster said:

what would be the standard for that..

Like non-indexed sites and ones that you just inherently question the safety of.

[Out-of-date] Want to learn how to make your own custom Windows 10 image?

 

Desktop: AMD R9 3900X | ASUS ROG Strix X570-F | Radeon RX 5700 XT | EVGA GTX 1080 SC | 32GB Trident Z Neo 3600MHz | 1TB 970 EVO | 256GB 840 EVO | 960GB Corsair Force LE | EVGA G2 850W | Phanteks P400S

Laptop: Intel M-5Y10c | Intel HD Graphics | 8GB RAM | 250GB Micron SSD | Asus UX305FA

Server 01: Intel Xeon D 1541 | ASRock Rack D1541D4I-2L2T | 32GB Hynix ECC DDR4 | 4x8TB Western Digital HDDs | 32TB Raw 16TB Usable

Server 02: Intel i7 7700K | Gigabye Z170N Gaming5 | 16GB Trident Z 3200MHz

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Keeping your browser up to date is the best you can do

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
5 minutes ago, 2FA said:

Yes, it's what is called a drive-by attack. They pretty much require Javascript, though browsers are highly sandboxed now so it's hard to get a virus that way to be honest unless you're going to REALLY sketchy sites, which if you are I would suggest doing that in an isolated VM.

sandbox escapes are found everyday

Join the Appleitionist cause! See spoiler below for answers to common questions that shouldn't be common!

Spoiler

Q: Do I have a virus?!
A: If you didn't click a sketchy email, haven't left your computer physically open to attack, haven't downloaded anything sketchy/free, know that your software hasn't been exploited in a new hack, then the answer is: probably not.

 

Q: What email/VPN should I use?
A: Proton mail and VPN are the best for email and VPNs respectively. (They're free in a good way)

 

Q: How can I stay anonymous on the (deep/dark) webzz???....

A: By learning how to de-anonymize everyone else; if you can do that, then you know what to do for yourself.

 

Q: What Linux distro is best for x y z?

A: Lubuntu for things with little processing power, Ubuntu for normal PCs, and if you need to do anything else then it's best if you do the research yourself.

 

Q: Why is my Linux giving me x y z error?

A: Have you not googled it? Are you sure StackOverflow doesn't have an answer? Does the error tell you what's wrong? If the answer is no to all of those, message me.

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 minute ago, LtStaffel said:

sandbox escapes are found everyday

Violets are not actually blue.

[Out-of-date] Want to learn how to make your own custom Windows 10 image?

 

Desktop: AMD R9 3900X | ASUS ROG Strix X570-F | Radeon RX 5700 XT | EVGA GTX 1080 SC | 32GB Trident Z Neo 3600MHz | 1TB 970 EVO | 256GB 840 EVO | 960GB Corsair Force LE | EVGA G2 850W | Phanteks P400S

Laptop: Intel M-5Y10c | Intel HD Graphics | 8GB RAM | 250GB Micron SSD | Asus UX305FA

Server 01: Intel Xeon D 1541 | ASRock Rack D1541D4I-2L2T | 32GB Hynix ECC DDR4 | 4x8TB Western Digital HDDs | 32TB Raw 16TB Usable

Server 02: Intel i7 7700K | Gigabye Z170N Gaming5 | 16GB Trident Z 3200MHz

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
Just now, Ross Scarlet said:

are you gonna browse the deep web or something?

nah

Best of myself(1000th post)

 

Vista

Core i5-8400

8GB DDR4

GTX 1050ti

1TB 7200RPM HDD
MSI H310M PRO-VD

EVGA 450BT

Cooler Master masterbox lite 3.1

Arctic Cat

Core 2 quad q8200

8GB DDR2 ECC

GTX 550ti

1TB 7200RPM HDD

Dell precision t3400 motherboard

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Yes.

 

Java sandboxing is 100% broken since specter/meltdown.

 

Shady websites are likely to have the most effective attacks in their design.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 hour ago, v0nn_toaster said:

what would be the standard for that..

Use NoScript where possible if the website is not trustworthy. It disables script execution (e.g. the javascript mentioned earlier).

https://noscript.net/

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I've had it happen a couple times over the past decade, one time I even had a black boxed message appear on my screen, don't remember what it said but I just formatted my drive and reinstalled OS.  And the sketchiest thing I've done is go to regular porn sites and torrent.  It's been a few years since that happened but I'm pretty sure I got one from pornhub once.  It's very possible.

Open-Back - Sennheiser 6xx - Focal Elex - Phillips Fidelio X3 - Harmonicdyne Zeus -  Beyerdynamic DT1990 - *HiFi-man HE400i (2017) - *Phillips shp9500 - *SoundMAGIC HP200

Semi-Open - Beyerdynamic DT880-600 - Fostex T50RP - *AKG K240 studio

Closed-Back - Rode NTH-100 - Meze 99 Neo - AKG K361-BT - Blue Microphones Lola - *Beyerdynamic DT770-80 - *Meze 99 Noir - *Blon BL-B60 *Hifiman R7dx

On-Ear - Koss KPH30iCL Grado - Koss KPH30iCL Yaxi - Koss KPH40 Yaxi

IEM - Tin HiFi T2 - MoonDrop Quarks - Tangzu Wan'er S.G - Moondrop Chu - QKZ x HBB - 7HZ Salnotes Zero

Headset Turtle Beach Stealth 700 V2 + xbox adapter - *Sennheiser Game One - *Razer Kraken Pro V2

DAC S.M.S.L SU-9

Class-D dac/amp Topping DX7 - Schiit Fulla E - Fosi Q4 - *Sybasonic SD-DAC63116

Class-D amp Topping A70

Class-A amp Emotiva A-100 - Xduoo MT-602 (hybrid tube)

Pure Tube amp Darkvoice 336SE - Little dot MKII - Nobsound Little Bear P7

Audio Interface Rode AI-1

Portable Amp Xduoo XP2-pro - *Truthear SHIO - *Fiio BTR3K BTR3Kpro 

Mic Rode NT1 - *Antlion Mod Mic - *Neego Boom Mic - *Vmoda Boom Mic

Pads ZMF - Dekoni - Brainwavz - Shure - Yaxi - Grado - Wicked Cushions

Cables Hart Audio Cables - Periapt Audio Cables

Speakers Kef Q950 - Micca RB42 - Jamo S803 - Crown XLi1500 (power amp class A)

 

*given as gift or out of commission

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

It is possible. Which is why you should always have up-to-date AV running. Sites can run scripts, just like visiting YT or any normal news site does. ActiveX, Javascript etc. Most will be blocked by browser or your AV. Or you get popup asking for running said script. If you run it, oh well.

^^^^ That's my post ^^^^
<-- This is me --- That's your scrollbar -->
vvvv Who's there? vvvv

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Programs, Apps and Websites

×