引用自 Uri：

Tomtucker, this can literally happen to you:

Someone sends you a link to something that seems like an image hosting site. The site is sufficient on its own to send you something and run whatever inside it, without any of your actions but having clicked that link.

Within only a few seconds, behind the scenes that virus has corrupted your anti-virus's .dll's, rendering it disabled.

Within a minute, you will suddenly find your computer giving you a blue screen, as the virus has been corrupting/deleting your ROOT files, making your computer impossible to ever restart unless you would wipe your OS.

THAT, is what a virus is capable off. They can easily breach, they require no manual activation/execution, you only need to unawarely visit their source.

They used to wipe the FAT table as well. Most viruses want you to spread them before they detonate, though, so while that's possible, it's unlikely. But you're still screwed.

引用自 Processor：

ESET NOD32 + Firefox + NoScript + Blur + Adblock Plus + Not Being Stupid = Win

Well, yes. If there were no stupid people, it wouldn't work.

Yeah that's one of the property this exact virus does. It runs a macro to spread the same link to everyone in your list. The 'contamination' phase.

引用自 Tomtucker：

引用自 Uri：

Cookies and other temporary internet files, or through live/passive transmission.

Simply obtained by opening a site, mail, watching a video, engaging a skype conversation with another affected person. ANYTHING that involves communication with another computer.

you are truly paranoid. engaging in a skype conversation with another person will not infect your computer nor will watching a video infect your computer. you are just paranoid.

It can. Ever heard of the backdoor keystoke executable, You log onto any site that you use a password for and if that Trojan is hiding out on the site. Bam the hacker can see every key you hit anytime they want. They usually use it for password capture. You have to use a password for Skype dude.

引用自 Uri：

@Portaller, the virus in question on this subject doesn't run by an executeable. It automaticly enters and executes when you visit the 'image' site.

that is a lie you have to run an executable.

Wow you seem unaware what all can be infected.

For example

Visit youtube search for anything (possible infection), those ads that pop up in screen of the video (infectable), those ads that run on the side (infectable), the x close box on either to remove them (infectable), as well as if you actually click on their link. And that's all without logging into a youtube account, cause your sign in is (infectable).

Hitting/using a program with a hyperlink or/and exe designation isn't the only way to get hit by hackers.

Simple logging into my email, and not even opening a single one is what infected my box. I never clicked link one.

You watch any video on any site. The site used your adobe flash, silverlight, winvid, java, and/or a few windows subproceeses just to allow your stream.

Use google or any search engine you just opened your firewall up.

Try visiting IMBD right now. they got hit this week and still haven't shut down their hack status. You better remove the 3 worms you'll get on their opening splash page alone.

Comcast.net got hit 2 weeks ago and it still doesn't function worm free.

Steam got hit last week, and they patched for it. But I think they patch every week recently.

The hacker stuff is flying thick right now. Cashing in on hloiday online shoppers and that stupid N Korea stuff too.

Just avoiding strange links and hoping your virus scanner is working is grossly delusional in the current enviroment.

引用自 Tomtucker：

you are paranoid. doing none of those things can infect your computer. you are spreading lies.

Totally possible, actually, even though it's not likely.

Oh ty

@Tomtucker, ok well if you think you are *so* resistant against viruses, go ahead and live your dream. If you get affected and lose everything on your computer or on the internet you held dear, don't say we didn't inform you.

引用自 Tomtucker：

引用自 sara_bear：

Wow you seem unaware what all can be infected.

For example

Visit youtube search for anything (possible infection), those ads that pop up in screen of the video (infectable), those ads that run on the side (infectable), the x close box on either to remove them (infectable), as well as if you actually click on their link. And that's all without logging into a youtube account, cause your sign in is (infectable).

Hitting/using a program with a hyperlink or/and exe designation isn't the only way to get hit by hackers.

Simple logging into my email, and not even opening a single one is what infected my box. I never clicked link one.

You watch any video on any site. The site used your adobe flash, silverlight, winvid, java, and/or a few windows subproceeses just to allow your stream.

Use google or any search engine you just opened your firewall up.

Try visiting IMBD right now. they got hit this week and still haven't shut down their hack status. You better remove the 3 worms you'll get on their opening splash page alone.

Comcast.net got hit 2 weeks ago and it still doesn't function worm free.

Steam got hit last week, and they patched for it. But I think they patch every week recently.

The hacker stuff is flying thick right now. Cashing in on hloiday online shoppers and that stupid N Korea stuff too.

Just avoiding strange links and hoping your virus scanner is working is grossly delusional in the current enviroment.

you are paranoid. doing none of those things can infect your computer. you are spreading lies.

So sad. I don't wish you an infection. But you'll get one with those delusions.

Go take a programming course dude.

@Sara honestly you don't even need a programming course to know this ×D. Just common sense.

引用自 Tomtucker：

lol this is not common sense. you are paranoid skitzo's. doing none of those things will infect your computer.

http://en.wikipedia.org/wiki/Nimda#Methods_of_infection
http://en.wikipedia.org/wiki/Klez
http://en.wikipedia.org/wiki/SQL_Slammer#Technical_details
http://en.wikipedia.org/wiki/Sasser_%28computer_worm%29
http://en.wikipedia.org/wiki/Conficker#Initial_infection

引用自 Uri：

@Sara honestly you don't even need a programming course to know this ×D. Just common sense.

Oh agreed. But that dude is so clueless he'd even argue with the programming for dummies book. I just thought he'd listen to a professor a tad better.

Bro... I am in the IT myself, and I am around lots of developpers. You really think they would be lying, and that you as just a random gamer would know better? Please...

I'm not going to respond to your stubbornness anymore. If you think you are so invincible, then go ahead live your dream, but don't say we didn't warn you. Enjoy your life.

引用自 Tomtucker：

you are spreading lies and trying to incite mass hysteria. cut it out. none of what you said is true. common sense protects you from viruses and trojans. your antivirus is only as smart as you are.

There are a lot of historical instances where malware spread to users without their interaction. I posted some earlier, those being

http://en.wikipedia.org/wiki/Nimda#Methods_of_infection
http://en.wikipedia.org/wiki/Klez
http://en.wikipedia.org/wiki/SQL_Slammer#Technical_details
http://en.wikipedia.org/wiki/Sasser_%28computer_worm%29
http://en.wikipedia.org/wiki/Conficker#Initial_infection

.

引用自 Tomtucker：

引用自 Uri：

I'm not going to respond to your stubbornness anymore. If you think you are so invincible, then go ahead live your dream, but don't say we didn't warn you. Enjoy your life.

ive never been hacked or given my account away. im not dumb. most of the people who get "hijacked" stupidly click on executable to run and have no antivirus. your security system can only protect you so much if you leave the door open.

That is also true. You will not get your Steam account stolen through such worms. That kind of malware is usually trying to make your computer join a botnet, crash the internet, destroy computers en masse, or otherwise bigger payloads.

I guess i'm safe if it only attacks people who have actual friends they talk to here

I got three Links with Images that are actually .scr Files, but this is not visible in Steam, which is a Security Issue of the Steam Client that should be fixed ASAP!

Its the same old Security Issue that hit Win95 long long Time ago, i don't get it why Steam repeats the same Security Issue and still hasn't fixed it.

Its a open Door for exactly such Attacks, where the Scams send you Files with non-executable Extension that are in Reality executable, this should be made impossible.

In the Past it was possible to send a File like .jpg.scr or .jpg.exe and only the .jpg was showed, but if someone opened that File, it was executed. The Steam Client seem to have the exact same Security Issue, i checked those Links and the true Extension .scr is not shown, instead it looks like an Image.

So its clearly a Steam Client Security Issue and a such Thing should be fixed instantly else Steam is to made Responsible for any Damage caused by it!

Yeah of Course, People should know by now that they should not execute any unknown Files, but opening an Image with .jpg extension is not executing a File and if the Software (in this Case the Steam Client / Steam Webhelper) is so dumb and cheap that it allows hidding extensions to the User and then instead showing a Image executes the File, it's also the fault of the Software and not only the one of the User.

Good Thing is this Attack does not really work with newer Windows and if Internet Explorer is up-to-date, at least the User will get a Warning Message and is asking for permission to execute, because Steam seems to use the Internet Explorer Engine.

And clicking on those Links opens Internet Explorer with that Link, at least its what happened when i tested it and this should not execute it if your System is up-to-date.

Also i analysed that Virus a bit, it seems that it trys to directly hijack the Session, at least there is code for it in there. So i suppose it's able to hijack the Steam Session and to use the API directly to do his malicious work. Thats also why it is able to send Messages to the whole Friendslist.

Steam really should fix that Hole, why the hell they put so much Effort on detecting Cheats with VAC but then seem to be totally blind if their whole Client/API gets hijacked?