New issue
Advanced search Search tips

Issue 623305 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Jun 2016
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: virus android

Reported by jcamac...@gmail.com, Jun 25 2016 
When you connect with legal pages as www.elpais.com one google anouncement launch a page with fake virus information.

You can see the address and the screens in attachments.

The address are:

market://details?id=com.hermes.superb.booster&referrer=utm_source%3DPapaya%26utm_campaign%3Dgroup14%26utm_content%3Da887ffb35a37460d587ecaa7d029245706%26af_siteid%3D6252629126

And goes to:
http://us.mini-71.xyz/global4a/0_index0.php?model=Nexus%205X&brand=Google&osversion=Android%206.0&ip=2.138.249.72&voluumdata=BASE64dmlkLi4wMDAwMDAwMi02N2U3LTQ0MmQtODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjA3ZjRlODAwLTM5ZWEtMTFlNi04YzY2LTUwMjgzMWQwZTg1MF9fY2FpZC4uZDBiOTBhNDgtNGI4Ny00ZDM1LTg4YmMtYWE3Y2E5YzFhNDAwX19ydC4uUl9fbGlkLi5jNDkzYmE3Yy1hMWY3LTQ1ZTEtOGUzMS1iNjFjMmQzOGEyMjNfX29pZDEuLmNjYzI5OThmLTUyODQtNDUyZS04MjZhLWIyNzVhMGVjNjUzZV9fdmFyMS4uYzk2YjcyNzktMGFlNS00NjllLTliNjQtNDhiYjFhM2RhOTNlX192YXIyLi44ODUwX192YXIzLi44OTJfX3ZhcjQuLjE2NjFfX3ZhcjUuLkVTX192YXI2Li5BbmRyb2lkX192YXI3Li4tMV9fdmFyOC4uMXgxX192YXI5Li42NTQ5X19yZC4uYVwuXGFkcGxhY2ViZXN0XC5cY29tX19haWQuLl9fYWIuLl9fc2lkLi4&txn_id=c96b7279-0ae5-469e-9b64-48bb1a3da93e&banner=8850&site=892&adspace=1661&country=ES&user_os=Android&carrier=-1&banner_size=1x1&camp_id=6549#b

There is a security problema because chrome should not allow this behaviour.
Screenshot_20160625-112124.png
202 KB View Download
Screenshot_20160625-112132.png
233 KB View Download

Comment 1 by dominickn@chromium.org, Jun 27 2016

Status: WontFix (was: Unconfirmed)
This site appears to have been taken down in the interim. We have a Safe Browsing service which tries to catch sites which do this sort of thing, but otherwise it is very challenging to try and detect these in the browser.

Comment 2 by jcamac...@gmail.com, Jun 27 2016 

But this site launch the fake virus information with an AdSense anouncement without click interaction by user. I think that it is a AdSense/Chrome issue.
Project Member

Comment 3 by sheriffbot@chromium.org, Oct 3 2016

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment