-1

Like others, I am not really sure if drive by downloads can actually happen. I was given a website with a bit.ly link today. I visited it and then immediately closed it.

These are what I have done so far:

  • Create a virtual machine, and and visit that website in your VM
  • Use the same browser and google for whether the browser has any known exploits
  • Use wget like this wget -O name website
  • Use phishtank which captures it as a JPG
  • Use a LIVE CD which runs on RAM
Ohnana
  • 4,727
  • 2
  • 24
  • 39
ron
  • 1
  • 1
    I am voting to close this question as too specific. Since it only deals with one specific web page (which could be taken down any day), this question will not be useful to users who find it several months from now. If you can re-phrase it in a more general way: "This website did [X], is that dangerous?" or "Should I be worried about [Y]" then you should open a new question (and please try to provide as much detail as you can in the question itself). – Mike Ounsworth Mar 10 '16 at 14:11
  • I would really like to know if there is something malicious on this website. I will rephrase it – Sab Mar 10 '16 at 14:20
  • You can run sites through VirusTotal to check if they are clean. A clean result does not mean that it is clean, but it does imply that there are no known problems. – AstroDan Mar 10 '16 at 14:23
  • Drive-By-Downloads are often shipped to only specific recipients (by Browser, Source-IP...). So it can happen that one person gets the malware while somebody researching the issue does not. That's why I vote for closing too. – Steffen Ullrich Mar 10 '16 at 14:26
  • I have edited the question. THe problem is often people visit websites accidentally, and end up not knowing how to remove the virus. It would be good if we have a set of instruction to find the file downloaded, or at the very least check if there is an infection on that website – Sab Mar 10 '16 at 14:31
  • @Sab We do have a set of instructions for dealing with compromised systems: http://security.stackexchange.com/questions/39231/how-do-i-deal-with-a-compromised-server (even though it says server in the title, it applies to end user systems too) – Matthew Mar 10 '16 at 15:53

1 Answers1

1

The bit.ly link redirected me to a website that gave me a 'warning' if I really did not want to benefit from product x or y. I'd say that the bit.ly URL directs you to a malicious website that is not worth visiting.

As far as drive by downloads go: It can happen by checking an unknown bit.ly link or any other URL. Just be sure that you trust person who gave you that link or ask if a website can be given without making it shorter. I'd advice to keep your PC and software up-to-date to avoid being victim of drive by downloads (even if you accidentally click on them).

SP-Brown
  • 73
  • 7
  • so what do i have to do to check if I have been infected – Sab Mar 10 '16 at 14:33
  • Make sure your machine can't spread the virus/malware to other machines in the same network. Then you could perform a full system scan using AV software or smaller AV software like: Malwarebytes or SuperAntiSpyware. Be sure that your system is clean of any virusses before reconnecting it to the network. – SP-Brown Mar 10 '16 at 14:40
  • I havents used MalwareBytes? Is this good? – Sab Mar 10 '16 at 14:48
  • I always use SuperAntiSpyware and MalwareBytes after I finish a complete scan. One does find things the other does not (like SAS finds a lot of cookies that MB does not detect). There are more tools that I use to check for any breaches, so I could look them up if you'd want. – SP-Brown Mar 10 '16 at 14:57
  • Sure. I would like to know some more alternatives. If I run it through my AV and MalwareBytes, it should be okay right? – Sab Mar 10 '16 at 15:08
  • You should be fine, I do advice to have two seperate AV programs beside your main AV program. While I have also mentioned Malwarebytes and SuperAntiSpyware, you could use: MAB Anti Exploit (that protects your browser), McAfee Stinger/Clam AV(Basically a smaller standalone AV program suitable for example a USB stick), MAB Anti Rootkit (This helps against rootkits but is still in Beta). Those are programs that I use personally, I also have a few bookmarks filled with useful URLs to check domains/e-mail validators and SSL certificate checker. – SP-Brown Mar 10 '16 at 15:53