Adware Stages Comeback Via Browser Extensions
Results 1 to 2 of 2

Thread: Adware Stages Comeback Via Browser Extensions

  1. #1
    Registered User slgrieb's Avatar
    Join Date
    Feb 2003
    Posts
    4,103

    Adware Stages Comeback Via Browser Extensions

    From krebsonsecurity.com, an interesting blog about the new wave of adware being slipped in as browser extensions (frequently using Crossrider apparently). Check out the privacy policy of an extension called IWantThis!:

    "Examples of the information we may collect and analyze when you use our website include the IP address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information such as browser type, version, and time zone setting, browser plug-in types and versions, operating system, and platform; the full Uniform Resource Locator (URL) clickstream to, through, and from the Site, including date and time; cookie; web pages you viewed or searched for; and the phone number you used to call us."

    Full story here

  2. #2
    Registered User CeeBee's Avatar
    Join Date
    Nov 2002
    Location
    USA
    Posts
    2,494
    It doesn't mean they are collecting everything, it just gives them a blanket cover for all.
    Anyway this is already SOP for anyone handling websites and being interested in WHO visits them.
    Sanitized sample from the visitors on our website... obviously I am associating previous sessions with the current visit, clearing cookies doesn't change the IP/browser signature combination...

    202.***.***.***, Mozilla/4.0 (compatible; MSIE 8.0; ...., y****@mail.****.jp, initial visit, 4, ?
    202.***.***.***, Mozilla/4.0 (compatible; MSIE 8.0; ...., y****@mail.****.jp, page browse, 17, http://www.************.com/index.php
    202.***.***.***, Mozilla/4.0 (compatible; MSIE 8.0; ...., y****@mail.****.jp, page browse, 0, http://www.************.com/login.php
    202.***.***.***, Mozilla/4.0 (compatible; MSIE 8.0; ...., y****@mail.****.jp, page browse, 3, http://www.************.com/login.php
    202.***.***.***, Mozilla/4.0 (compatible; MSIE 8.0; ...., y****@mail.****.jp, page browse, 2, http://www.************.com/welcome.php
    Last edited by CeeBee; May 23rd, 2012 at 09:02 AM.
    Protected by Glock. Don't mess with me!

Similar Threads

  1. Replies: 0
    Last Post: October 3rd, 2005, 03:46 PM
  2. Replies: 4
    Last Post: March 27th, 2002, 08:38 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •