Can visiting a malicious site automatically infect my computer?

May 15, 2015 9:09AM PDT
Question:

Can visiting a malicious site automatically infect my computer?


Since I use Google search for everything these days, it's almost impossible to know what websites are bad and may have malicious intent. My questions to you are, can I get a virus infection just by simply visiting a bad website? Or does it require an action by me like clicking on something within the website? Is an antivirus good enough to protect me from these heinous sites? How do you know if a website is good or bad? I think I've been lucky so far as to not visiting one of these bad sites, but I'm curious as to how these malicious sites work and how I can avoid them, as well as protecting myself if I were to accidentally visit one of them. Your thoughts and suggestions are welcomed. Thank you in advance.

--Submitted by Roger W.

- Collapse -
Macs are indeed safer
May 22, 2015 10:47PM PDT

Thanks for the note and your experiment. Indeed, Mac CAN be infected but it takes a very deliberate set of actions to do so. iOS (phones, iPad) is the safest OS ever built. OS X is pretty safe but can be infected if you try hard enough! BTW, in my volunteer work on cybercrime, I have come to this conclusion: if Microsoft Windows had never been created, there would be very little Cybersecurity unity issues in the US. Imagine, no hacking, no loss of identity, etc. Thanks for nothing, Microsoft and Android!! Jim b

- Collapse -
No: The MAC vs PC Question
May 22, 2015 10:29AM PDT

In Reply to: Can visiting a malicious site automatically infect my computer?
If you're using a MAC, the answer is No. While the information about how a browser works as described in this thread is correct, it is only the Windows and Android OS that are infected by visiting alone.

We did an experiment where we identified infected sites and then visited them with both PCs running Windows and Macs running Yosemite. None of the Macs were infected. All of the PCs were.

- Collapse -
Sorry
May 22, 2015 12:36PM PDT

Apple has never said that they were immune to Apple viruses. They are only immune to PC viruses and a scan of any a/v website will show that MACs have been hit by viruses many times (not anything like Windows, though). Also, if your definition of Virus includes anything that can infect the computer (worms, Trojans, spyware, etc.) then MACs have been hit by lots of stuff. Look up "flashback" which nailed hundreds of thousands of MACs. There was another big one recently that hit MACs. And, if your MAC browser handles JAVA or JAVASCRIPT, then there is a lot of malware out there just for you. I've never seen any statement by Apple that said their systems were immune to anything other than PC viruses and I don't know exactly how true even that is since they are running on Intel platforms these days. Or do you have a statement by Apple that says otherwise?

- Collapse -
Even if Apple said it..
May 22, 2015 6:24PM PDT

I wouldn't believe it. Besides, any nation state bad actor can take over your Mac any time they want. I've seen it happen to the best clients. Even when they are aware of the attack and regain their PC, the crackers can simply use the user's cell phone as a springboard to regain control. There is nothing you can do if you become a target of interest. I realize that is a small number of people in the world, but it is a fact.

- Collapse -
I call all Macs PCs, because of the Intel chip..
May 22, 2015 6:25PM PDT

Just for clarification here.

- Collapse -
3rd party insecurity
May 22, 2015 10:57PM PDT

Yes, you are right. But look at your examples... Flash (Adobe), JAVA, or any other non-Apple tool are quite vulnerable. I admit I use these tools b/c they are efficient. No way am I implying that if one is 100% Apple based one is safe from intrusion. It's just that Apple's ecosystem is just so impenetrable! Compare that to any Windows system in the past 25 years. Again if Microsoft never existed, Internet crime would be very minor these days. Ask any malware professional... all our Hacker Wars are due to Windows' incredibly poor design! Jim b

- Collapse -
Use Apple's browser...
May 23, 2015 5:29AM PDT

and disable javascript, and you will be almost invulnerable to attack, for most of the time. However, you might not like the web page results you get, so using a browser with NoScript or ScriptSafe or similar, or an advertisement blocker, can go a long way.

- Collapse -
That is Somewhat True
May 23, 2015 2:10PM PDT

But the issue on Apple is that, in any given month, there are all sorts of vulnerabilities. One month, we had this big forum discussion as to whether or not Apple was impervious to malware. The person who ended the discussion (not me) posted a link to the NIST website's list of the nastiest vulnerabilities for that month and most were Apple. Not PC. End of discussion. The interesting part was that most hackers just ignored this. One thing someone commented on is that Apple was a LOT slower than Microsoft in coming up with patches for vulnerabilities and a lot of people ignore patches (supposedly) on the Apple side. But there have been some really bad Apple malware out there such as Flashback. Luckily, the Russians arrested most of the guys doing that.

- Collapse -
Not even mentioning...
Dec 23, 2015 11:22AM PST

that it is always an Apple that gets cracked first at every Pwn2Own conference on this subject. Windows is not invulnerable of course, but it has improved immensely in the last years.

Using the newest browser, I have had great difficulty testing my defenses with drive by targets fresh off the zero day lists!! IE-11 blocks so many of the threats, that I've had to resort to junk spam email accounts to continue my work. It really helps that java and flash are usually not needed to be installed on the PC now. I'd say Windows rivals Apple on any given day! You have to be using a limited account though, but this is default on Apple - so this has to happen to make the comparison fair here.

- Collapse -
testing
May 22, 2015 3:05PM PDT

Why wouldn't you also use various Linux varieties in this test?

- Collapse -
most
May 22, 2015 8:11PM PDT

Well, it takes some work to learn *nix. Also, a lot of familiar programs don't work either.

- Collapse -
YES!
May 22, 2015 11:43AM PDT

Last month I visited a site somehow (I do so wish I could remember which site it was) that installed the FBI WARNING RANSOMWARE on my system and took control of the entire screen. The ransomware screen was maximized to hide the entire viewing area of the screen and nothing could be done to close or minimize it. The only option was to send the "FBI" 500 dollars via prepaid gift-card and they would send me a code to unlock the ransomware screen. F4 would not close the screen, nor would task-manager via ctrl/alt/del. A re-boot, even in safe-mode, (Win7 Ultimate) immediately brought up that ransom screen before anything else could start. It seemed hopeless at that time. (Meanwhile, backup restore was a lifesaver to get to the data.) I also removed the internal hard drive and externally extracted important data files before doing anything else.

Anyway, using a Bing search it seemed hopeless but I finally found a program named HitmanPro.Kickstart which allowed me to create a rescue USB drive to boot the system and kill the ransomware. It worked beautifully! Those guys are wonderful. I have my system back and it works as if nothing happened. They even have some YouTube videos about how to use Kickstart.

So I know from experience that just visiting a site can invoke malware on your system. And I hope my experience here might help someone else recover from a ransomware attack.

- Collapse -
PS... a second computer was required...
May 22, 2015 11:53AM PDT

In my post above I should be clear that to search for a solution and to create the rescue disk a 2nd computer was required. ...obviously.

- Collapse -
Another alternative...
Dec 23, 2015 11:42AM PST

The new Windows versions have excellent recovery options that you can create soon after activating Windows; but even under the old system, you could have run a rescue disc from any of the top AV vendors and killed the process there. For me Kaspersky's Rescue Disc 10 is the easy answer, because it has a Linux browser that can go straight to the Kaspersky site to get tools like TDSSKILLER to stop the bootkit or root kit processes blocking recovery attempts. Of course it is best to burn this disc BEFORE you have any problems, and can be reasonably sure nothing is hiding on the PC. I recommend running it and downloading the updates before needed to, so the update process is not so long and tedious.

- Collapse -
Yes it can
May 22, 2015 11:59AM PDT

I was looking for pictures of Mickey Mouse and when I followed one of the search results to a website, the website immediately began reconfiguring my computer and tried to "pornify" it, disabling certain browser configuring commands, and even tried to put a porn picture on my desktop. I may have used antiviral software to clean it out and nurse my browser back to health. It was long enough ago that I forgot all what I had to do to fix this. Such websites always misrepresent themselves since they're acting in bad faith. This WAS back in my Windows days. Surfer beware!

- Collapse -
Hmmm...I got a laugh from the Mickey Mouse reference becuz
May 22, 2015 1:06PM PDT

my nephews have hit puberty and curiosity has got the best of them. Last weekend they were on my computer a lot and laughing. When I asked what was up they told me looking up movies and Avenger heroes. Well....now I know what they were up to with all the porn hits coming up and a look at history.....So ran all my anti-virus and protection tools and cleaned all up. Now I have my no porn speech ready for their next visit. I think I'll begin the talk with "I know you meant to only look up Mickey Mouse on your last visit but...."!!

- Collapse -
Parental controls...
May 23, 2015 5:35AM PDT

Many new versions of Windows now have fairly excellent controls to block bad content. It isn't foolproof, but installing WOT, AdBlock Plus, and using a secure browser like Comodo's Dragon or Chromodo can auto block adult content. Also if you are savvy on Administrative tools, you can prevent changing browser settings to allow adult content in the browser for those times when all else fails.

- Collapse -
teenagers and computer
May 24, 2015 4:33AM PDT

Letting your kids use your own computer is a recipe for virus. Get their own computer (even if it is a clunker) and wipe it frequently so any virus will be gone.

- Collapse -
First, replace Google.
May 22, 2015 1:40PM PDT

I am told that using https://ixquick.com/ as your default search engine is slightly safer. They are not so nosy as Google and they don't seem to get so many spyware or malware sites as their top hits.
There's a button on their page to install them as a search engine.

- Collapse -
Re: First, replace Google.
May 22, 2015 2:01PM PDT

I have used McAfee's Site Advisor for several years but it hasn't been working on this laptop lately so I tried uninstalling it from CONTROL PANEL several times but all of my attempts to uninstall the program were unsuccessful. What's another good program I could use to take the place of McAfee's Site Advisor which isn't working on my laptop anymore?


Big Steve
05/22/15

- Collapse -
WOT.
May 23, 2015 3:49AM PDT
- Collapse -
McAfee's removal tool.
May 23, 2015 5:44AM PDT

If you unintentionally installed the security center with McAfee or even otherwise, you may need their removal tool. They keep changing the URL to that file, so I won't post it here. Otherwise it is just a matter of trashing or disabling the plugin - depending what browser you are using.

- Collapse -
Removal
May 23, 2015 1:18PM PDT

I have generally worked with Symantec when I was working and they had removal tools and even a document on how to remove their products manually. I would hope that McAfee has the same. However, one way to remove browser-based tools like Norton/Symantec/McAfee is to go to the add-on section of your browser and see if the software is listed as an add-on or extension. Then you can remove it from the add-on manager (depends on which browser you have).

Also, you need to remove the products as an administrator and have the correct password if you are just using the add/remove control panel.

- Collapse -
First line of defense
May 22, 2015 2:24PM PDT

One thing everyone should always do when installing any (no experience with Macs but I would guess this applies) computer OS is set the OS up for 2 users - Administrator / Root and Regular / Unprivileged. This was mentioned in another post but imo needs more emphasis. Do not allow the regular user to install software. Log in generally as a regular user that can't install software. Never go online as administrator (admin) except to go to a trusted site that has software you want to install. If you can download the software as a regular user do so and then log in as admin for installation. I ran Windows XP almost exclusively as an unprivileged user for a couple years without any antivirus / antimalware with no problems. However I'm very selective about sites I visit so I would recommend security software generally. And malicious hacking is way more prevalent today. There are several good suggestions in this thread.

Going online unprivileged decreases the chance of some infection but certainly doesn't eliminate it.

- Collapse -
It happened to me, so a definite YES!
May 22, 2015 2:44PM PDT

I was doing a Google search one day a while back for something and one of the hits typically that you get is something like, a site that has pictures of what you are searching for. So I was looking at various pics related to my search, and didn't have an issue until I happened to click on just the right one that was misdirecting me to a nefarious site. Next thing I know, my screen went blank then up popped that infamous FBI ransomware!!

Lucky for me, I knew exactly what to do from there.

I unplugged my computer and did a hard re-boot into safe mode. I then did a system restore to an earlier time frame and I was back in business. Just to be sure, I updated all of my antimalware/antivirus stuff and did a complete and thorough search to make sure it was all gone.

All I can say is, thinking about this in hindsight, I should have looked at the part down below that tells me the site's address. You see, when you hover over a link, down below on your browser it will show you the website's address. If it looks questionable, don't click on it!

That's the best advice I can give since it doesn't seem to matter if you have or what you have in place as anti malware. I was running Malwarebytes along with ZoneAlarm fully updated when this happened to me. So your first line of defense is

Look Before You Leap.
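
The hover check described in the post above can also be run over a page's links before anything is clicked. This is an added example, not part of the original thread: the function names, the heuristics and the sample HTML (reserved example domains and a documentation IP address) are all assumptions made for illustration.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

# A host name mentioned in the visible link text, e.g. "www.example.com".
HOST_IN_TEXT = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

def reasons(href, text):
    """Heuristic reasons (assumed, not exhaustive) to distrust a link."""
    parts = urlsplit(href)
    out = []
    host = (parts.hostname or "").lower().removeprefix("www.")
    if parts.scheme and parts.scheme not in ("http", "https"):
        out.append("non-web scheme")
    if "@" in parts.netloc:            # what precedes '@' is not the site
        out.append("userinfo before host")
    try:
        ipaddress.ip_address(host)
        out.append("raw IP address host")
    except ValueError:
        pass                           # a name (or empty), not an IP literal
    shown = HOST_IN_TEXT.search(text)
    named = shown.group(1).lower().removeprefix("www.") if shown else ""
    if named and host and host != named and not host.endswith("." + named):
        out.append("text names a different site")
    return out

def audit(html):
    """Return [(href, [reasons])] for each link in an HTML fragment."""
    collector = LinkCollector()
    collector.feed(html)
    return [(h, reasons(h, t)) for h, t in collector.links]

# Constructed sample markup, not taken from any real page.
SAMPLE = """\
<a href="https://example.com/mickey">example.com - Mickey pictures</a>
<a href="http://203.0.113.7/gallery">Free pictures</a>
<a href="http://example.com@other.example.net/">www.example.com</a>
<a href="/about">About</a>
"""
```

An empty reason list only means none of these heuristics fired; it does not mean the destination is safe.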

- Collapse -
Visiting a malicious site
May 22, 2015 4:31PM PDT

YES! But, using a good Sandbox program, WOT and Malwarebytes goes a long way in keeping your PC safe if you do blunder onto a bad site. If unsure, don't enter.

- Collapse -
Turn off Java!!
May 22, 2015 8:58PM PDT

Since Java is a true programming language, it can do serious damage to your computer. Few sites actually use Java in their pages -- they use JavaScript that only runs within browsers. You can turn off Java, but still leave JavaScript on. Just double click the Java icon in the Control Panel, click on the Security tab, and uncheck the Enable Java content in the browser box. This won't eliminate everything, but it's a good start to weakening the attacks on your system. Java defaults to have the box on, which makes sense from their end, since they want to have more people use their language. However, it leaves almost everyone's computer open to attack by a widely known programming language. Unchecking the box puts a stop to that. I have bookmarked only one site that actually uses Java; I rarely use the site, so I keep Java turned off unless I know I'm going there. It's just a couple of extra clicks, but well worth the extra protection.

- Collapse -
Turn off Java!! -- Reply to SD-DS
May 23, 2015 12:29AM PDT

Thank you for the tip! I disabled Java as suggested.
I get the message that a lot of malware is written in Java.
Do you or anybody have an idea about how much?

Likewise I appreciated the tip about Web of Trust, downloaded the program, and love it.
This is a great forum thread; thanks to everybody!

- Collapse -
It is a matter of most likely vector...
May 23, 2015 5:54AM PDT

The first thing most malicious attack packages look for is java or javascript enabled and whether the flash version (if installed) is vulnerable. If you mitigate those two things with updates or disable them, you have gone a long way. If you really want to go further, install Secunia PSI and File Hippo's Application Manager to keep up with the latest updates for many applications out there.

You can also sign up with CNET's update advisories for each favorite application you use, and receive timely emails for when a new version is available. As far as java and flash - if you need to have the application installed on your PC, the best way to get the zero day notification is to sign up for Krebs on Security, as he is regularly two to three days ahead of the pack!!!