Pink Poogle Toy Forum

I was happy to find that The Daily Neopets even has a Safety Center alert page for such: http://www.thedailyneopets.com/safety/index/



Recommendation is to use Firefox, but for anyone adverse to using FF for any reason (I admit I am one) the Orca Browser is also based on Gecko and has more features, options, blocks more ads and doesn't need extra plug-ins, etc. Translation: not affected by this security hole.

I am braving Neopets on my IE/Avant (since Avant blocks more than IE once I add the file and URL extensions I know are malicious) more to keep track of this than anything. If it has been going on months and TNT is doing nothing about it, someone has to document this. Go me.

Allnameswereout: If I get it again I will do that. I am not afraid since it is a "harmless" virus of sorts (or doesn't affect me) and is only an annoyance. I noticed that I got it once in one day last week, and the other day several times in several page loads (in various places, Shop Till refresh, and yes javascript maybe since also when clicking Items to feed my pets) but I notice there is some link with ActiveX and JavaScript settings in a browser, too. I also got errors that my ActiveX settings prevented the page from loading (thank goodness) at certain times.

It turns out that Neopets is not the only site infected with the bl4ck.com virus, Myspace and many other sites have it too, look below:

Direct quote from washingtonpost.com

"An online banner advertisement that ran on MySpace.com and other sites over the past week used a Windows security flaw to infect more than a million users with spyware when people merely browsed the sites with unpatched versions of Windows, according to data collected by iDefense, a Verisign company."


Go to

http://blog.washingtonpost.com/security ... to_mo.html

to read the rest.


Or go to

http://www.castlecops.com/t161495-Malwa ... issue.html

for some more info on it.

So it turns out that Neopets is not alone.

Of course, but that is not the issue. The bl4ck.com virus is so old I am surprised Ad-Aware doesn't already blacklist it. I thought it used to but I could be wrong. It can be manually blacklisted in Avant or Orca (not IE or FF* by the way) and/or caught by more advanced programs like AVG Free.

EDIT: Yes of course FF does not have this exploit to begin with, but that does not make it some immune-to-all firewall/anti-v; it's just a browser.

The point is, this has been around and affecting neopets users for so long, WITH TNT's awareness of it; yet they have taken no action to alerting or protecting users.

The bottom line of it is, a "huge" approximate 1/10 browser users use FF. Furthermore Neopets recommends IE to "best view and play" on the site and their programmers program with IE. Regardless of personal preference, it is TNT's responsibility to 1) educate or 2) solve the problem.

I think that many users will use neopets far less if they feel less secure (I know even I would and I have a decent ability to rid myself of malware).

This adware/trojan is not even THAT disruptive, more a major annoyance. It's hard to believe with the ingenius people employed TNT can't solve this.

This is what happens when you outsource content on your homepage. Neopets claims their website is virus-free. Well, their ad service is part of their homepage and is spreading sth similar to a virus (call it trojan; semantics). They are simply not able to make such bold claim as either 1) their ad service is out of their control 2) their ad service is in their control and they're spreading this.

FF can block bl4ck.com with Ad Blocker. I block ads and never seen bl4ck.com or any hoompapa virus whatsoever.

Ok, sorry, listen, this is almost off topic now but not. Sorry to have to get another 2 cents in. See my EDIT above. Yes, I acknowledge that FF or ORCA !!!!!!!!! (No I don't work for them I just hate Google/FF/Real) with a Gecko engine (so not the browser but the engine) disallows certain code. It just so happens FF and even Orca (Gecko) cannot even view some "intuitive" and rigorously filtered CSS code on Neopets petpages and shops and such! So again, some people would just rather sacrifice a little 'security' (cause they can handle a few annoyances like bl4ck.com even) while most others are used to ads yet still hate them, and have a lack of skill to rid themselves of or fight against.* So they use FF thinking it will protect them from everything. Not.

*I do not mean, wow this is going to sound 'racist' but here I go, I do not mean people in general coming from a Linux background and ever only using FF so they already have experienced a secure OS (! -- nothing to do with a browser). As previously said, if you use Windows you are brave and should just beware. If not, you have little to worry about (and argue).

Most users are still prone to this on neopets, fact. I am concerned is all.

And for the record I agree with you, no fights please lol. Just trying to make users overall aware of regular usual risks. Beyond that a "trusted site" like neopets.com should not even require using a 'safer browser'.

Yes, Gecko does not pass CSS tests, Trident does not pass CSS tests, and pages which contain CSS do not pass CSS tests. Its a pity. A shameful situation. I believe KHTML (Safari, Konqueror) has the best CSS implementation but there is no (good) port to Windows yet. I also believe both the Gecko team and the IE7 team are improving their products.

The WMF exploit is in a Windows graphics library. Browsers use that library, but they are not responsible for bugs in that library. This is why browsers such as Opera and FF did not fix the bug; its not their bug! The bug does not occur on browsers running on non-Windows. It is not even an IE bug. It is however commonly abused using IE and Microsoft is responsible for both IE and Windows, including the graphics library.

The solutions are the following. Either
1) Don't use Windows.
2) Patch your Windows with earlier mentioned patch.
3) Use Windows with an AV, ad-blockers, and/or other measures.
4) Use Windows with a non-IE browser as the risk with such is lower.

Only option 1 and 2 fix this problem. 3 and 4 can be combined but neither are by no way guaranteed to fix this problem, they are snake oil.

Neopets their 'no virus' claim is bogus and should contain an add-on that they are not responsible for their ads. Because, they lack to show responsibility. Futhermore, they are okay if you block ads.

Well, whatever. And yes sometimes Wiki contains ads because there are spambots or perhaps sometimes people paid to submit ads into Wiki. It's not supposed to. It's also not supposed to have viruses. I'm not sure what your point was, though.

No, you will not be frozen for blocking ads.

Then that is your problem.

What more reason do you need to install a security related patch than it patching up your security so as to prevent this sort of thing?

<edit>
Whoops - double post. Sorry chaps.

Well that is good to know. Now we don't have to avoid Neopets anymore.

i use firefox all the time. i rarely open ie becaus ei hate it. i ahve adaware and avg and znealarma dn windows (crap) security center. i still get the damm virus' and trojans and whatever.

i block ads so i dont get the anoyance and i run the securtiy programs regularly, but i dont have a clue as far as keeping my pc clean goes. i end up havign to use the quick restore to factory settings at least twice a year, more frequently when i get mad at it running slower than i know its capable of lol.

neopets claims to be virus free, they should therefore either not make the claim or the claim should eb the truth. i cant rememebr th ename of the tojans avg picked up on last week, but it couldnt delete them annoyingly. ill have a look tomororw and see if they are the same ones.

good luck wiht tracking it anjuna.

Actually, it is not a problem for me at all. I would rather not have to reformat my disk within the next few days to weeks after installing such. I never ever install updates to IE or Windows and I have less problems than anyone I know. Don't fix it if it ain't broken, is my motto.

So, to answer your question I don't need a reason. Not any at all. Security patches more often sacrifice stability for "security". None for me, thanks.

My ultimate point was, such (adware, trojans) should not be on Neopets. I take full responsibility for any other security breaches on my system. I am glad to hear that Quote above. Wonder how TDN knows that for sure?

EDIT: It's back, folks. Twice in a few minutes right after I cleaned it off and rebooted. Satuday Sept. 9 early AM NST. It appears to be a Java hack of some sorts. It came with that same fake ad, but more files to clean up.

Wake up TNT! I don't feel safe playing an online game. How sad.