Home / ubuntu / Questions / 1050185
In Process
Emil Engler
Asked: 2018-06-28 07:38:27 +0800 CST

Can I get a virus/malware from only visiting websites?

  • 772

When I use Firefox and browse the web, can I get viruses or malware without downloading and installing anything? For example, from bad scripts?

security firefox malware 18.04

3 Answers

  1. The title and body are not the same and has 2 different answers:

    • virus: no.
    • malware: yes.

    Malware can get installed as part of extensions. Browsers use a sandbox system to prevent harm to your system. If anything bad happens it is limited to your /home/ section as long as you do not provide your admin password.

    Virus tend to be part of installation of malicious software. So you need to download, and install it before you get affected. We, Linux users, generally use secure installation methods like software center and a package system that is checked on viruses.

    If you run a web-server you need to also be aware of root kits. Those are far more a problem compared to virus and malware.

    In general, a desktop user should not have to worry about this as long as one sticks to a couple of common rules:

    1. keep your password safe.
    2. don't install server software you do not need, and if you do, check the corresponding log files often.
    3. don't install software outside of software center. If you do, make sure it is from a source you can relatively predict it is a good source.
    • 5

  2. The answer is yes. But they tend to end up in FF's cache and stay there without actually infecting your system. They are easily deleted from there - one good reason why you should delete your cache regularly.

    • 3

  3. I remember that in old days like in xp, it is possible for one to write vb script that triggers unwanted service via activex . But not know. Those all are fixed for good.

    It is very very difficult. It is nearly impossible with stable version browser.

    If you are using scratch /sid release browser. It is possible that it have security issue.

    If you have unsecure browser extension. It is possible.

    Mostly, hacker try to install extension or push malware code. They may store tracking cookies.

    In Linux you never need to worry about it. It will never support such things .Just dont run browser with root privilege.

    Installing extension like ads blocker with malware url block list will also prevent force push of plugin.

    Now days chrome or firefox, comes with block list of bad reputed url. Just enable them from settings.

    If you doubt just purge and reinstall browser to solve the issue.

    Clear cookies and cache weekly to remove tracking cookies.

    Never install plugins from 3rd party website.

    • 0