Monday, March 5, 2012

Wait, run what? Okay? What the!?

My tale is a simple one; plain and simple, I messed up.  It was a late night and I was browsing around on an image board trying to kill some time.  Seeing nothing interesting, I decided to fire up some World of Warcraft.


After about an hour or so I once again lost interest.  So I decided to check back on the image board, and something finally caught my attention.  That's where I got myself into some trouble.  The old saying that "if it's too good to be true, it probably is" rang true.  I couldn't believe it: the owner of the website was going to make someone a moderator (one of the most sought-after positions of power on the website)!

The poster posted a link to a tinychat room where he would broadcast who he would make a moderator.  The only thing that seemed a bit suspicious was that the address was in all caps (TlNYCHAT.COM/MODDD).  A red flag should have gone up, but it didn't.  When I visited the page it looked very legit, and it asked me to run Java so I could see the webcam and hear the broadcast.  I hit run in anticipation and hopes of becoming a "mod" on the website.  That's when everything went wrong.

It soon hit me that I was the victim of a Java drive-by.  My mouse started to go haywire and the internet was laggy and unresponsive half the time.  I quickly checked my processes and there was nothing strange going on there.  I soon realized the hacker had melted the process into one of my Windows processes.  He infected one of the core processes or drivers Windows loads on start up.

Instantly I was sent into a rage!


I quickly unplugged my internet cord and did a full system wipe on my system.  I knew this wasn't anything serious enough to be a rootkit, so I felt safe wiping my hard drive and re-installing my operating system.

For a more detailed explanation read below or click here.  This is taken from Wikipedia:

Drive-by download means two things, each concerning the unintended download of computer software from the Internet:
  1. Downloads which a person authorized but without understanding the consequences (e.g. downloads which install an unknown or counterfeit executable program, ActiveX component, or Java applet).
  2. Any download that happens without a person's knowledge, often spyware, a computer virus or malware.[1]

Drive-by downloads may happen when visiting a website, viewing an e-mail message or by clicking on a deceptive pop-up window:[2] by clicking on the window in the mistaken belief that, for instance, an error report from the computer's operating system itself is being acknowledged, or that an innocuous advertisement pop-up is being dismissed. In such cases, the "supplier" may claim that the person "consented" to the download although actually unaware of having started an unwanted or malicious software download. Websites that exploit the Windows Metafile vulnerability (eliminated by a Windows update of 5 January 2006) may provide examples of drive-by downloads of this sort.

Hackers use different techniques to obfuscate the malicious code so that antivirus software isn't able to recognize the code, and it is executed in hidden iframes so that the user can't see it - and even for experienced users it is hard to read.[3]

A drive-by install (or installation) is a similar event. It refers to installation rather than download (though sometimes the two terms are used interchangeably).
There are more ways for hackers or scammers to get your information and cause you a headache.  Check this video below to learn about phishing and how to be aware of it!
