So it is impossible to natively block a malicious website in Opera, right?

A Former User

A Former User last edited by

The last three days while browsing I'm getting about once per day an annoying malicious website popup that takes control of the browser and I have only two options:
a) click on it's malicious popup and say "yes" I want to leave (and who knows what it is going to use my click for)
b) force shutdown of the Opera browser via using the windows task manager.

I can't help but noticing the lack of protection for such websites:
a) Where is Opera's protection? Why a website should take control of the browser and not allowing me to click any of its buttons, other than what that site wants me to click?
b) Why there is no option to block a specific website from loading?

Unless I'm missing something.

*I also have the apparently useless addon 'Ublock Origin' and the Kapersky Internet Security, The later ensures that there is no virus.

leocg

leocg Moderator Volunteer @Guest last edited by

@antimech I would say that it's impossible to natively block nay site or almost any browser.

You seem to have a malware in your system. Did you already scan it with an anti-malware and and anti-virus?

blackbird71

blackbird71 last edited by

Unless you're getting the popup repeatedly on the same website(s), the implication is that specific websites are not the actual cause. In which case, it's something already onboard your computer or browser that's triggering the popups... either malware or adware. Check your Opera browser extensions for anything you don't recognize as something legitimate and clean it out; run a full-system scan for malware and adware using reputable 'anti' tools. Ublock won't trap or block adware/malware already installed into the browser; Kaspersky may or may not trap a particular form of adware, especially if it was installed 'piggy-backed' on some other legitimate software you may have downloaded and installed.

sgunhouse

sgunhouse Moderator Volunteer last edited by

It sounds like some external program or perhaps an extension installed on your system is trying to open a website, but Opera is blocking that site. Try to find the program or extension which is opening the site. As far as the site itself, you can just close the tab or go back.

The warning is not from the site itself, if you tell Opera to go back the site will not know this.

A Former User

A Former User @sgunhouse last edited by A Former User

It was an aggressive adware/malware of the sort "you are the lucky winner" that was called by some specific website or installed without my consent.
In both cases a browser should not allow full control without an escape method, by any website and any addon when the code itself is not infected.
That is perfectly feasible. Period.

Each time I forced shut down of the Opera via task manager and cleared all history -except logins, but it appeared again. I had left tens of websites open though, so most likely one of them was calling that site again. Not one was of the "suspicious" kind though. The malware website had the same basic domain, hotbaby.tk. or hotbabyp.tk -I think it was the later. At some point I closed many sites and now has stopped appearing for more than 24 hours.

If Opera provided a user-defined blacklist, other than the "malware block" blacklist that is not editable, I could have get rid of that site in seconds.

Despite it was not a virus, I have started a full Kapersky scan but it will take many hours to scan those terrabytes.

blackbird71

blackbird71 @Guest last edited by

@antimech said in So it is impossible to natively block a malicious website in Opera, right?:

It was an aggressive adware/malware of the sort "you are the lucky winner" that was called by some specific website or installed without my consent.
In both cases a browser should not allow full control without an escape method, by ... any addon when the code itself is not infected.
That is perfectly feasible. Period. ...

Given that in current chromium rendering engines, extensions potentially have the ability to hook a browser's 'internals' before the browser actually processes the site code, the browser may not be able to "escape" what an extension does. This is how Ublock Origin, Ghostery, and many other similar extensions are able to block sites (or portions thereof) effectively. A malicious extension can use the same hooking mechanisms to inject ad pages into the browser data stream, and there is little that can be done in the browser itself to over-ride the behavior other than disabling/removing the offending extension. There is currently much controversy over chromium developers' recent efforts to reduce the scope of some of the extension hooking since that would also make ad blockers less effective, though it would tend to reduce the attack surface used by rogue extensions.

A Former User

A Former User @blackbird71 last edited by

@blackbird71 said in So it is impossible to natively block a malicious website in Opera, right?:

A malicious extension can use the same hooking mechanisms to inject ad pages into the browser data stream, and there is little that can be done in the browser itself to over-ride the behavior other than disabling/removing the offending extension.

Maybe I misunderstand you, but wouldn't @antimech's suggestion to allow the user to block specific websites in Opera until a malicious situation has been analyzed and resolved not make sense precisely because of this circumstance?

@antimech wrote:

If Opera provided a user-defined blacklist, other than the "malware block" blacklist that is not editable, I could have get rid of that site in seconds.

Since web browsers - unlike in the past - no longer offer an offline mode, in my opinion an unwanted connection can only be cut and investigated unnecessarily cumbersomely, e.g. by unplugging a LAN cable, creating specific web page rules in the router or manipulating the Windows hosts file etc.

How much more convenient would it be if Opera could simply be started in offline mode (e.g. by a command line shortcut) to block then questionable connection requests in the user-defined blacklist until the issue is finally resolved?

blackbird71

blackbird71 @Guest last edited by

@yanta said in So it is impossible to natively block a malicious website in Opera, right?:

@blackbird71 said in So it is impossible to natively block a malicious website in Opera, right?:

A malicious extension can use the same hooking mechanisms to inject ad pages into the browser data stream, and there is little that can be done in the browser itself to over-ride the behavior other than disabling/removing the offending extension.

Maybe I misunderstand you, but wouldn't @antimech's suggestion to allow the user to block specific websites in Opera until a malicious situation has been analyzed and resolved not make sense precisely because of this circumstance?

The effectiveness of that would depend on the extension consistently injecting the same ad page URL and the user being able to identify that URL so as to block its appearance. Moreover, if an injected pop-up ad came directly from the rogue extension code itself, the user would only be able to block the ads' linked URL but not the extension's pop-up itself (unless they identified and blocked the extension).

A Former User

A Former User @blackbird71 last edited by

@blackbird71 I did not take these aspects into account, thank you for the explanation.

A Former User

A Former User @blackbird71 last edited by A Former User

@blackbird71 said in So it is impossible to natively block a malicious website in Opera, right?:

Given that in current chromium rendering engines, extensions potentially have the ability to hook a browser's 'internals' before the browser actually processes the site code, the browser may not be able to "escape" what an extension does. This is how Ublock Origin, Ghostery, and many other similar extensions are able to block sites (or portions thereof) effectively. A malicious extension can use the same hooking mechanisms to inject ad pages into the browser data stream, and there is little that can be done in the browser itself to over-ride the behavior other than disabling/removing the offending extension. There is currently much controversy over chromium developers' recent efforts to reduce the scope of some of the extension hooking since that would also make ad blockers less effective, though it would tend to reduce the attack surface used by rogue extensions.

That is the problem, browser, page code and extensions almost run on the same level.
Obviously, the whole browser-extension architecture (all browsers) is flawed and primitive.

Instead, the user should always have the highest level of control and priority, next should come the browser and last the page code and the "extensions". The page code and the extensions should run completely isolated from the real world and whenever they need to "communicate" they should only be able to request high-level features implemented, provided and supervised by the browser with a safe protocol.
So there will be only one specific entity responsible for the implementation: the browser, and no harm should be possible by any code running inside a web-page or extension.

All data (sensitive or not) should only exit the browser in an encrypted (useless) form and local access should be highly restricted.

The ads should have a specific user-friendly standard. Non-standard ads reported should cause the ban of the website. So if the user doesn't want ads, there will be no ads -no ad-blocker extension required.

If and when a nasty behavior is noticed by the user, both the effect and the cause would be easily identified by the middle guy -the browser and blocked by the user, eg, not just the URL, but also the page or extension that opened it.

That I would call a user-centered browser -just a few ideas.

A Former User

A Former User last edited by

So, this is not like impossible. For the last few days I was also facing that problem but the problem was regarding confirming form resubmission and then turn off confirming form resubmission. I was using opera for the last 2 years. But the problem was a new one. Then I browse to solve the problem and got a very easy solution. It was nit actually a malicious or opera issue. I am sure anyone can face this issue. If you want to know that how to turn off confirm form resubmission chrome, then you can browse.

A Former User

A Former User @Guest last edited by

@john021 I experienced once more that issue from another website (the malicious page was identical), so I did what you suggested and it worked - I was able to close that page, thanks. Still, that is just a workaround that almost nobody knows.

BTW, Kapersky found a couple of Trojans on my system, one of them was on a program I had downloaded recently for an iphone app, as I was searching for iphone apps these days. Assuming that every file that is created is checked, the Trojan was added at a later time, most likely by that website -despite the browser, the Ublock Origin and the antivirus. Also, another (legit) adware app caused my iphone to stop charging just after I accidentally opened one of its ads (and it took me some time to think of a solution which was to reset all settings and re-enter them one-by-one). So the websites are not prevented from causing harm, the web standards are - kindergarten-level to say the least....