Jump to content

What was it that MBG blocked?

Go to solution Solved by Porthos,

Recommended Posts

Firefox v113.0, MBG v2.5.9, Win 10 22H2 build 19045.2965

The statistics show that 2 malwares were blocked yesterday, but how do I get more details of just what was blocked and on what website(s)?

I had no onscreen warnings.
But I do have an idea that it may have been a cryxos trojan. (Tech Support Scam popup page).

A few days ago, on the 6th & 7th, some users on a vBulletin based forum I visit reported that their AV's were warning/blocking access to the forum.
For one user Bitdefender reported "Threat name: JS:Trojan.Cryxos.12456", and one user reported that his MBG threw a 'malicious activity' warning screen when visiting the forum (but didn't specify what).

Although not too concerning unless they actually phoned the number, I pointed them to the malware removal here if they wanted to get their machines checked over for malware.

Link to post
Posted (edited)

Thanks @Porthos

Downloaded and taking a look now.

EDIT- Unfortunately the log only has entries from today (my current session).

EDIT2- Closing and reopening Firefox shows that the MBG debug log that I can download only contains the information for the current session.

Oh well, it wasn't that important anyway, at least not this time.
But I'd have thought that at least one previous session would be more use than just the current one.
If your Firefox had crashed then you may well want to look at the log for the session that had just crashed, but as soon as you open a new session to get to the MBG log download ........

Edited by nukecad
Link to post
  • Staff

@nukecad there is a new notification included in the just released V2.6.2.  If we blocked a mailicious element inside an otherwise safe website we blocked the mailicious item and allowed things to proceed.  A credit card skimmer is one example.  This happened silently unless you happened to open the BG UI while visiting the site in question.  If a site was deemed entirely malicious we'd throw a block page.  Now you will receive a 5 second notification alerting you when a malicious element has been blocked.  Here's an example:


Link to post

@gatortail sounds a good addition to me.

(Although I do wonder if you'll now get start to get complaints about too many such popups? Some users can be strange at times with what they choose to moan about).

Link to post
  • Staff

@nukecad We decided on the pop up route rather than delivering our traditional block page.  The pop up should only show up when a malicious script is encountered.

The fear is that without the pop up you could unknowingly share the site with family & friends that may not be using BG.  In that case they become compromised.  This at least brings attention to the malware.

Regarding the complainers about popup notifications, we will had a setting to bypass it in the next release but I HIGHLY recommend it not be turned off for the reason above.

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.