Jump to content
Kaspersky Support Forum

Suddenly 'popunders' are back?

Tribal Cash
 Share

Recommended Posts

Tribal Cash

Tribal Cash

Posted
Posted

In the last week or so suddenly neither Kaspersky nor Chrome are blocking pop unders.

After a while it becomes strange that the computer is using high resources.

On closing chrome main window a person sees a smaller sub window that had been hidden by the main window.

Usually it is for a travel site or some other similar thing.

Ten years ago this used to be common, but then those 'popunders' were blocked for a long time, now they are back.

Any explanation why Kaspersky and Chrome do not block them?

Link to comment
Share on other sites
Tribal Cash

Tribal Cash

Posted
  • Author
Posted

Here is an example.

Go to the site

“https://www.whatreallyhappened.com/NEW/”

and click on an article.

A significant percentage of the time you will get a hidden pop under that you don't see until the main Chrome window is closed.

“https://api.apptap.com/link/buy/android/tile.thinkapollo/e1?clinkID=xKX18oO-j-Rqc0uH8_87eP_7T6l7OiCMopcJj7BWeNi6x_PFxSflPTZFdfc_UyTz3tF2IAHb&pubID=hvCtqYD-3KZQdRyWz_0wQ_3wUg&siteID=l_G0tcL80qkbbEuH-eIwROo&placementID=21811&trackingID=20b6be7f-9193-434c-a1b8-3d8fb2cb3318&creativeID=125181&loc.country=US&pub.placement_id=104993&partnerCampaignID=0500256_thinkapollo_US_NABOO_United_States_Leave_Behind_1&partnerCampaignID=53145&pub.city=Fairbanks&pub.sub_source=Conservative+News&cost.cpm=5.737654”

Also your computer will go up to 100% cpu until you close Chrome and re open it.

Link to comment
Share on other sites
Tribal Cash

Tribal Cash

Posted
  • Author
Posted

Here is an example.

Go to the site

“https://www.whatreallyhappened.com/NEW/”

and click on an article.

A significant percentage of the time you will get a hidden pop under that you don't see until the main Chrome window is closed.

~Kaspersky forum will not let the pop under link be posted so it is not included in this post~

 

Also your computer will go up to 100% cpu until you close Chrome and re open it.

Link to comment
Share on other sites
Tribal Cash

Tribal Cash

Posted
  • Author
Posted

Another much stranger example.

Starting from the same website, but offline, some text was copied from the blurb about the article 

https://www.naturalnews.com/2023-01-01-aussie-physician-drops-dead-covid-vaccines-kids.html

This was a) offline, and b) right clicking in the text to create a context menu to do a Google search of some highlighted text. When the "search on Google" context menu option was selected the popunder opened with the following address

https://engine.4dsply.com/fp.engine?id=f8a09055-8feb-40d8-971a-2f23ccf2979c&rand=undefined&ver=async&time=480&referrerUrl=&subId=&tid=&abr=false&stdTime=-480&res=1600x900&fpe=1&curl=https%3A%2F%2Fwww.whatreallyhappened.com%2FNEW%2F&kw=&spt=0

I don't know where that leads, not even curious, but the impact on the computer i.e., cpu is so obvious that it looks like the intent is to discredit the original site that is serving these popunders. Just a guess

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...