God damn it, facebook link hijaker

So, after avoiding any fuckups with the computer since back in 1994 I got snagged by a link hijacker on Facebook.

In my defense I was tired, and it was of course a link from a friend facebook page.

Regardless, it redirected me someplace, and posted a like/link from my profile, which I removed about 5 minutes afterwards.

Now “MS Security Essentials” informs me that:

Exploit:Java/CVE-2012-0507.U
Exploit:Java/Blacole.ET
Exploit:Java/Blacole.FD
Exploit:Java/Blacole.FQ

Were detected in

C:\Users###\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\43\

Blacole is a collection of various exploits that drop a rootkit on your system.
It uses several attack vectors, such as Javascript, Java and Various Adobe Products.

I was using a fairly recent verison of chrome (20 something) but did not have the most up to date Java.

In the past I’ve usually Browsed with Javascript and Plugins disabled, but due to how many sites are so “#%&”# I at some point decided to enable it again, and, look where it got me.

So; Now its disabled again, the files are removed, a full scan didn’t detect anything (But, if I have a rootkit it probably wont be detected, so might as well reinstall already - or use a USB/DVD-rom with a more thorough AV Scanner to check my OS… ).

My theory is that, the Cache files were only the start of the attack, and that it didn’t fully succeed because it could not exploit any vectors. But who knows.

Of course, it doesn’t really encourage faith in the AV solution when it Triggers on several apps that Inject Code in other processes (i.e. game trainers) and tell me the same warnings as this.

Anyway:
I wonder if there is a Google Chrome plugin that can let me easily enable/disable PLUGINS/JAVASCRIPT for multiple sites, and not just the “URL” site. I.e. Google.com might have a Javascript, but it might also use a javascript from Goo.GL which will be disabled and the CHrome UI will not inform me that it too has to be enabled.

Perhaps I need to make it myself.

Here you can read more about the fun Blacole:

Just hope it doesn’t lead to the FBI Ransomware. I did battle with that one on a friend’s computer last weekend and it was a pain in the ass. Blacole showed up on that computer too.

Think I got away from it… but, anyway, for safety I fired up VMWare Workstation, installed a Windows 7 on it, and now I do all my email/browsing/banking from a snapshot that I know is clean.

(this was posted through the VM :) )

The lack of a NoScript from Chrome is the main reason I’m still using Firefox.

Yeah, Chrome is wonderful and slick, but has never felt as secure, to me. Plus the FF webdev extensions seem to work a little better for me than the Chrome equivalents.

NotScripts works great for me in Chrome. I’ve been using it for probably about a year now.

Actually, I prefer ScriptNo to NotScripts, for NoScript-like function on Chrome. It’s a lot less clunky than NotScripts.