Irritating JavaScript Virus Message Popup And Redirect

11th February 2009

The other day I was approached by a friend who had this odd looking virus message on their screen. They said that they hadn't been doing anything in particular, just writing an email and surfing the net in Firefox when all of a sudden this pop-up appeared on screen and told them they had a virus.

The thing that caught my friend by surprise was that they were using Firefox and therefore shouldn't be able to get pop-ups. However, on closer inspection is appeared to be a JavaScript confirm message. My friend clicked on the Cancel button and one of the pages they had open redirected to this very dodgy looking site which promptly started to do a dummy virus scan.

I had a quick think about what sort of code would be required to do this. Obviously a long delay would be needed so that the user doesn't get the pop-up straight away and directly associate the virus with the original site. You would then need to add a window.focus() call to bring the window to the front and then a call to confirm() to pop-up the message. Of course you would then redirect to the intended site no matter what the user does. After 5 minutes I came up with the following page.

  1. <html>
  2. <head>
  3. <title></title>
  4.  
  5. <script type="text/javascript">
  6. function runannoyance(){
  7. window.focus();
  8. confirm('Like OMG, you totally have a virus, let me scan it now!');
  9. window.location.href = 'http://www.hashbangcode.com/';
  10. }
  11. </script>
  12.  
  13. </head>
  14. <body>
  15. <p>Normal page here...</p>
  16. <script type="text/javascript">setTimeout("runannoyance()",2000);</script>
  17. </body>
  18. </html>

I present this code here as a way of informing people about this issue so that they don't get duped into thinking that their computer is under attack and start buying into these charlatan sites. If this happens to you then click on anything on the confirm (it doesn't matter what) and then close the page before it loads. You should then not go back to the site that did this to you in the first place.

Doing this sort of thing is exactly why JavaScript has had such a bad reputation since its creation and is a terrible way to treat users.

Comments

Permalink
HI Philip, It is very good idea indeed to let our users that the popup they are seeing is not a virus at all. Thanks for sharing a informative trick, which is helping others even in 2015 as well. thanks sunil kumar

kumar (Mon, 04/20/2015 - 07:15)

Add new comment

The content of this field is kept private and will not be shown publicly.