Zippyshare Malware Vault

Malakke · Oct 28, 2016

Hello friends. I'm playing with some malware from Malware Vault in a Virtualbox image of Windows 7. When i try to download some pack from zippyshare links, usually open a new tab with a scareware alerts... Is there any way to block this tabs? I wonder if i could do this with Ublock Origin. Thanks

Regards

DardiM · Oct 28, 2016

Malakke said:
Hello friends. I'm playing with some malware from Malware Vault in a Virtualbox image of Windows 7. When i try to download some pack from zippyshare links, usually open a new tab with a scareware alerts... Is there any way to block this tabs? I wonder if i could do this with Ublock Origin. Thanks

Regards

Hello !
Some scareware alerts like in this post ?
https://malwaretips.com/threads/warning-false-threat-detected-phone-number-scam.61208/

Malakke · Oct 28, 2016

DardiM said:
Hello !
Some scareware alerts like in this post ?
https://malwaretips.com/threads/warning-false-threat-detected-phone-number-scam.61208/

Not exactly. More like rogue or false alerts of you have been infected by virus

yigido · Oct 28, 2016

Using Adguard here and no redirect to other pages

I think a clicker adv. is hidden under download button.
Can you please add the following rules to your uBO user filter?

Code:

/worker.php$domain=songspk.live|zippyshare.com
|http://$script,third-party,xmlhttprequest,domain=zippyshare.com

SHvFl · Oct 28, 2016

What browser do you use? If chrome try this in blacklist mode and blacklist zippyshare so it can't spawn new tab.
JavaScript Popup Blocker

If you use firefox use this to change the settings so nothing can do popup
Simple Popup Blocker

Also make sure you are not clicking a false download button. About ads ublock origin should have you covered.

DardiM · Oct 28, 2016

Very oftent, the bad part isn't put when you click on the button to download, but when the page is loaded.

Look for one request on the website (just loading the webpage) :

http: //www23.zippyshare.com/v/....../file.html

18:38:37 -- dom 28-10-2016 #10.zip
18:38:36 scrip
https: //www. gstatic.com/recaptcha/api2/r20161024122636/recaptcha__fr.js
18:38:36 image http: //www23.zippyshare.com/images/favicon2.ico
18:38:36 script https: //www. google.com/recaptcha/api.js?render=explicit
18:38:36 image http: //www23.zippyshare.com/images/favicon2.ico
18:38:36 /a/display.php? -- script http: //www .maxonclick.com/a/display.php?r=1142807
18:38:36 /a/display.php? -- script http: //www .maxonclick.com/a/display.php?r=1142801
18:38:36 /a/display.php? -- script http: //www .maxonclick.com/a/display.php?r=1142795
18:38:36 addthis.com/addthis_widget.js << script http: //s7.addthis.com/js/300/addthis_widget.js#pubid=ra-4d7009770839a69f
18:38:36 ||addthis.com^$important,third-party -- script http: //s7.addthis.com/js/300/addthis_widget.js#pubid=ra-4d7009770839a69f
18:38:36 google-analytics.com/ga.js << script http: //www .google-analytics.com/ga.js
18:38:36 ||google-analytics.com^ -- script http: //www.google-analytics.com/ga.js
18:38:36 @@||zippyshare.com^$elemhide ++ elemhide http: //www23.zippyshare.com/v/....../file.html
18:38:36 inline-script 28-10-2016 #10.zip
18:38:36 doc 28-10-2016 #10.zip
http: //www23.zippyshare.com/v/H3

uBlock Origin activated.

If not activated, a lot of more is loaded

SHvFl · Oct 28, 2016

@DardiM
I see. I don't get this when i download from zippyshare. Maybe it depends on location or something.

EDIT: Maybe adguard blocks the domain spawning this. Assuming the rule @yigido posted is from default English list.

Malakke · Oct 28, 2016

yigido said:
Using Adguard here and no redirect to other pages
I think a clicker adv. is hidden under download button.
Can you please add the following rules to your uBO user filter?

Code:

/worker.php$domain=songspk.live|zippyshare.com |http://$script,third-party,xmlhttprequest,domain=zippyshare.com

Thanks. It seems it works. I'll try next samples.

SHvFl said:
What browser do you use? If chrome try this in blacklist mode and blacklist zippyshare so it can't spawn new tab.
JavaScript Popup Blocker

If you use firefox use this to change the settings so nothing can do popup
Simple Popup Blocker

Also make sure you are not clicking a false download button. About ads ublock origin should have you covered.

Thanks for your advice.

DardiM said:
Very oftent, the bad part isn't put when you click on the button to download, but when the page is loaded.

Look for one request on the website (just loading the webpage) :

<Removed>

uBlock Origin can block it.

Yes. I have blocked maxonclick and addthis, but sometimes appear new sites that i have not blocked...

adnage19 · Oct 28, 2016

Every good AdBlock app will block it easily. I'm using uBlock with EasyList as a main ads list and it blocks Zippyshare's ads completely

Malakke · Oct 28, 2016

adnage19 said:
Every good AdBlock app will block it easily. I'm using uBlock with EasyList as a main ads list and it blocks Zippyshare's ads completely

I'm using Ublock Origin too with dinamyc filtering and it blocks adds in Zippyshare, but when i click on Download, sometimes opens a new tab with this rogue sites.

adnage19 · Oct 28, 2016

Malakke said:
I'm using Ublock Origin too with dinamyc filtering and it blocks adds in Zippyshare, but when i click on Download, sometimes opens a new tab with this rogue sites.

Hmm, that's weird... I don't have this problem.

LabZero · Oct 28, 2016

DardiM said:
Very oftent, the bad part isn't put when you click on the button to download, but when the page is loaded.

Look for one request on the website (just loading the webpage) :

<Removed>

uBlock Origin can block it.

If not blocked, a lot o more is put

@DardiM please unclick malicious links..

adnage19 · Oct 28, 2016

BTW it's a shame that Zippyshare is packed with tons of ads and scams, because overall it's a great website - great download speed and stability.

Solarquest · Oct 28, 2016

Malakke said:
I'm using Ublock Origin too with dinamyc filtering and it blocks adds in Zippyshare, but when i click on Download, sometimes opens a new tab with this rogue sites.

I have the same issue...I now just right click on the "downlwoad" button and "save as" the file in my folder and nothing pops up!

DardiM · Oct 28, 2016

LabZero said:
@DardiM please unclick malicious links..

Deactivated, but it was the list of non malicious part

(only show the files as text, to see the content)

LabZero · Oct 28, 2016

adnage19 said:
BTW it's a shame that Zippyshare is packed with tons of ads and scams, because overall it's a great website - great download speed and stability.

Business is the key!

LabZero · Oct 28, 2016

DardiM said:
Deactivated, but it was the list of non malicious part

Thank you, yes but in doubt is better

DardiM · Oct 28, 2016

LabZero said:
Thank you, yes but in doubt is better

Completely agree

Malakke · Oct 28, 2016

How i said before, it occurs sometimes, not always

Malakke · Oct 28, 2016

Solarquest said:
I have the same issue...I now just right click on the "downlwoad" button and "save as" the file in my folder and nothing pops up!

Maybe this is the trick: right click and save as...

Search

Search

Zippyshare Malware Vault

Malakke

Level 5

DardiM

Level 26

Malakke

Level 5

yigido

SHvFl

Level 35

DardiM

Level 26

SHvFl

Level 35

Malakke

Level 5

adnage19

Level 5

Malakke

Level 5

adnage19

Level 5

LabZero

adnage19

Level 5

Solarquest

Moderator

DardiM

Level 26

LabZero

LabZero

DardiM

Level 26

Malakke

Level 5

Malakke

Level 5

You may also like...