Interestingly, the code checks to see if Apple fonts are present, and if so...

based

wtf

Based
damage control fag

Attached: 1521090904837.jpg (650x650, 151K)

>internet argument
>war memes
Please

it never ends

Attached: itoddlers-btfo.gif (540x304, 1.86M)

Someone embed malware in this image so I can send it to iToddlers

Attached: 1544965731283.jpg (5000x5000, 1.76M)

hello, hackinthosh master here, point me to something that works

Attached: 5.png (775x429, 42K)

F I V E
M I L L I O N
I T O D D L E R S
B L O W N
T H E
F U C K
O U T

Attached: 1526032878815.gif (500x281, 1.6M)

>wihin all the subjects, anime is the largest category
huh, thanks for proving the point.

is this Jow Forums's sakurafish?

GO
AWAY

Well really only the top 3 + Pokémon are anime, the rest under the Jap culture section are, well, Jap culture. Video games also has 3 + Pokémon.

Attached: itoddlers-btfo-desk.webm (540x304, 288K)

>5,000,000 itoddlers

Attached: 1529513119179.jpg (832x623, 405K)

This is why I argue for adblocking as a security measure.
Who is going to pay damages to all the people affected by this malware? Fucking no one.
No one has responsibility for it, but the ad companies are directly profiting from it.

Normalfag pls go

Attached: 4chan is anime.png (902x398, 57K)

based and redpilled.

>phoneposter

>30% female

>javascript viruses

calling javascript 'executing code' is like calling riding a tricycle around in the garage highway robbery

>80% attended or currently enrolled in college

Based.

Attached: toddlers.png (189x202, 42K)

The disgusting thing here is that malware keeps being delivered by ads and yet all the media outlets carefully refrain from advising that their users install ad-blockers, because they're making their money off this malvertising.

>Can confirm
A virus just flew over my house

what exactly is this "malicious" code its fucking javascript on the client how bad can it be?

im a code monkey and work building ads and use javascript all the time and am interested

>im a code monkey
yeah you are rofl

>its fucking javascript on the client how bad can it be?
most browser security vulnerabilities are in or related to the JS VM. Basically the first step and often the hardest step in any exploit of any software, browser or otherwise, is to get code execution. After that you can start thinking about exfiltrating data, escalating privileges, or whatever. Browsers that run JS just give you that by default. Yeah they try really hard to sandbox it, but a JS interpreter is very large and contains many things, and that massive amount of hard-to-debug code is going to have holes in it.

It's not impossible to exploit browsers without JS, there was an Android vuln recently where you could feed it a malformed image and gain code execution that way, exploiting a bug in the image-parsing code. But that's much, much harder to do, since that code is simpler and easier to secure than a JS interpreter, by an order of magnitude.

In what sense is it not executing code? You write instructions in a language and it makes things happen on the computer.

HOW CAN SOMETHING BE SO BASED AND REDPILLED????

based

>>* If so, then loop through the underlying data in the image file. Each loop reads a pixel value and translates it into an alphanumeric character.
What's the point of the image file?
Why isn't the script itself just doing its malicious things directly?

lmao JS is just one giant security risk

why not just use
navigator.userAgent.includes('Mac')

based

OH NO NO NO NO
AAAAAAAAAAAHAHAHAHAHHAAHHAAHAHA

yikes

itoddlers wiil defend this

keep trying, you won't win

Fuck this was actually something I had been wanting to work on. This is insanely better than what I had so far

underrated

One would think they're running out of itoddlers anymore lmao

Yet Apple straight shit on flash and effectively killed it. The irony is quite distilled at this point.

OY VEY

>chinese cartoon
you're worse than them user

>inb4 muh 4chink was a manchild pics board

Attached: tenor.gif (262x396, 295K)

Here's your 15th anniversary pic of this non-anime website :^)

Attached: 4chan_15.png (2021x2702, 3.06M)

>posting a meme in response
You're just as bad as he is, just in a different way.
But that could have been your point.

What? I don't get it, wouldn't that just be a very dumb way for a javascript script to get code to run?
So putting the characters to a string and executing it and then what? Wouldn't that just be the same as including the code in the script itself and skipping the whole stenography thing? Where's the part that it breaks out of the browser?
Oh, nvm the stenography is just to bypass some ad company filter, but since mac users are retarded they will just install malware themselves when redirected to a guide on how to install malware...
Based

right, if I can create a canvas element, I'm doing so with JS, right? Which means I'm executing JS. This sounds more like code obfuscation

>Oh, nvm the stenography is just to bypass some ad company filter
ah, i see

cartoon website you peice of shit

normies get REKT

baste

can be faked.

A bit more than that.
The stenography is looking particularly for Mac operating systems based on the system fonts that'll be used in rendering.
Sure, they'll be using it to obfuscate too, but it's also for targeting purposes. In the end the user may be the one inflicting the malware on themselves by accepting the offered update, but most people just aren't taught not to trust what their browser tells them, especially if they are on a website they think is trustworthy.
This is why ad networks are such a powerful method of distributing malware. They effectively allow untrustworthy connections into a trusted domain, and most of the users don't even know, they're not even aware that it's coming from somewhere else.
They take advantage of user trust.

Well I'm not sure if I agree with
>They effectively allow untrustworthy connections into a trusted domain
If a domain allows connections to ad networks then you can't really trust the domain, can you?
But yeah, I get the idea, other people trust it.

I never get sick of this

Attached: 1509833486877.png (640x480, 627K)

Well placed first post, sir.

Everyone is missing the point, the malware is being delivered by images only, with no human interaction besides loading the image. This one only targets macs but it works on almost every machine, with almost every browser. Just because you run Linux or Windows does not mean you are immune.

Nobody on Jow Forums knows jack shit about technology, they just know Apple bad Microsoft bad Linux good

Reminds me of ChickHEN on the PSP.
*cracks red bull* now that was an exploit.

yikes

sue the asshole ad companies running these ads from shit fly by night companies.
tech is full of bottom feeding weak beta losers.

A user still has do download and execute the malware, it's only a redirect to a spoofed update page or the like.

Wtf, now my imac, macbook pro, iphone, and ipad are stealing my info and calling me gay

AAAAAAAAAAAHHHHHHHHH!

Attached: images.jpg (251x201, 21K)

based and gnupilled

>but most people just aren't taught not to trust what their browser tells them
Macs literally can't get malware though. So there's no need to be careful.

never going to run out of applelfags because there will always be retards willing to pay exorbitant amounts just to show that they can

THIS IS WHY I BLOCK ADS HIRO

I'M NOT EVEN ON A MAC, BUT I DON'T WANT YOU SHOVING JAVAWARE MALSCRIPT ONTO MY MACHINE

>B-BUT MUH AD REVENUE
AND ARE YOU GONNA COMPENSATE ME IF MALWARE DESTROYS MY COMPUTER?

Attached: 1545078674340.png (1024x972, 594K)

Basted and rippled

>Macs literally can't get malware though.
Nice.

B-b-but macs dont get viruses

this made me gay. my computer is gay too by several proxies.

Macs literally are malware.
gnu.org/proprietary/malware-apple.en.html

non acidic

OH NO NO NO NO NO NO NO
AAAAAAAAAAAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA

fpbp

Based

macfags btfo
adfags btfo

Based

BASED

Based and Sataniapilled

Stupid iPoo poster.

the only thing I can think of is that the script loaded from an image probably won't show up in dev tools