Dear All,
Browsing with Namoroka 3.6.8 on Gentoo, I just stumbled across a webpage containing Javascript that was probably trying to install malicious code on my system. The script
- claimed (implausibly) to be a malware scanner, and (even more implausibly, because the places it claimed to have looked were Windows-specific directory names that don't exist on my system) that it had found half a dozen items of malware on my system;
- generally made a nuisance of itself by grabbing focus with dialogue boxes (this seemed odd - my browser settings forbid Javascript to raise or lower windows, yet my main browser window was, to all intents and purposes, irreversibly lowered by the presence of the dialogue boxes, and the only browser actions possible were to click on dialogue box buttons or do a window-manager close on the dialogue box)
- did a passable impersonation of Windows Update (or at least, it would have been passable if the system I was looking at it with had been running Windows ;-)); and
- finished up by offering me a download of an executable Windows binary, which I rejected.
I took a look at the Javascript source code, but it was _very_ obfuscated.
My question is - could the script have got any sort of access to my local filesystems or otherwise done any damage?