I opened firefox After about an hour of the system being in standby and in theSponsored Links row there were 2 new entries

http:/ /bom07s30-in-x03. 1e100. net/ (I dismantled the URLs to prevent accidental clicks)

pnbomb-ac-in-x0e.1e100

I right clicked and searched in Google and it showed up as this

pnbomb-ac-in-x0e.1e100 Sponsored it disappeared after a while, just to be sure I ran sudo lsof -i and noticed firefox was connected to this url

maa05s15-in-x03.1e100.net

I am not sure if am infected or this is just a glitch(I obviously didn’t click on the links)

      • somethingsomethingidk@lemmy.world
        link
        fedilink
        arrow-up
        25
        ·
        10 months ago

        From mozilla. I’m guessing that the links were hosted/owned/etc. by google. When your system resumed it only partially loaded the sponsored links and you were left with the text of the url.

        Your system is fine security wise, but privacy wise pinging google servers everytime you open a new tab is not ideal. This type of stuff is why I use Librewolf. Of course it’s up to you how much it bothers you. You can disable alot in vanilla firefox too.

          • somethingsomethingidk@lemmy.world
            link
            fedilink
            arrow-up
            3
            ·
            10 months ago

            Install clamav and run a scan. You will probably get false positives.

            For instance the gnome polkit agent has a “malicious” image that it tries to load at start and if it succeeds it kills the program before it can run. This is to keep an actually malicious icon from being used. I spent days on that one lol

              • redcalcium@lemmy.institute
                link
                fedilink
                arrow-up
                2
                ·
                10 months ago

                Depends on the malware database you use, but out of the box it’ll catch wide range of stuff, even linux malwares (which is rare but exists and mostly infect vulnerable web servers).