Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: New MarioNet browser attack runs bad code even after leaving web page

25 Feb 2019   #1

64-bit Windows 10 Pro
New MarioNet browser attack runs bad code even after leaving web page

Academics from Greece have devised a new browser-based attack that can allow hackers to run malicious code inside users' browsers even after users have closed or navigated away from the web page on which they got infected.

This new attack, called MarioNet, opens the door for assembling giant botnets from users' browsers. These botnets can be used for in-browser crypto-mining (cryptojacking), DDoS attacks, malicious files hosting/sharing, distributed password cracking, creating proxy networks, advertising click-fraud, and traffic stats boosting, researchers said.

The MarioNet attack is an upgrade to a similar concept of creating a browser-based botnet that was described in the Puppetnets research paper 12 years ago, in 2007.

The difference between the two is that MarioNet can survive after users close the browser tab or move away from the website hosting the malicious code.

This is possible because modern web browsers now support a new API called Service Workers. This mechanism allows a website to isolate operations that rendering a page's user interface from operations that handle intense computational tasks so that the web page UI doesn't freeze when processing large quantities of data.

Technically, Service Workers are an update to an older API called Web Workers. However, unlike web workers, a service worker, once registered and activated, can live and run in the page's background, without requiring the user to continue browsing through the site that loaded the service worker.

MarioNet (a clever spelling of "marionette") takes advantage of the powers provided by service workers in modern browsers...

Read more: New browser attack lets hackers run bad code even after users leave a web page | ZDNet

My System SpecsSystem Spec
26 Feb 2019   #2
F22 Simpilot

Windows 7 Ultimate x64

Wonder if it would still stick since I use Sandboxie? Have my doubts.
My System SpecsSystem Spec

 New MarioNet browser attack runs bad code even after leaving web page

Thread Tools

Similar help and support threads
Thread Forum
A question about the "leaving page" dialog box in Chrome
Hi, Whenever I go to leave certain webpages (usually the gambling websites I frequent) I get a conformation dialog box asking if i'm sure I want to leave. Is this normal for Chrome? I figured it works by Javascript, but disabling Javascript is not an option on my sites as it disables site...
Browsers & Mail
FireFox - mouse & browser& browser freezes in Facebook page
I have FF 17. The mouse is freezing in facebook & I find the only escape to release the browser is reboot. The same FB page works fine in internet explorer.
Browsers & Mail
BSOD (page fault)after login and runs fine in safemode
I am getting BSOD constantly. This started happening after I took apart my computer, installed a new cpu fan, and put it back together. I have tried lots of things, so far no luck. I am attaching my win7 SF diagnostic files, which has all the minidumps in it. The bluescreen at the beginning...
BSOD Help and Support
Attack code for Firefox zero-day goes wild,..........
Source - Attack code for Firefox zero-day goes wild, says researcher ? The Register
Browsers & Mail

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 00:07.
Twitter Facebook