Got malware with Vivaldi-snapshot

Sachouille

hello
sorry for my english, I don't speak this language very well
On my Ubuntu 17.10 I have vivaldi-snapshot_1.14.1047.3
today when I want to run the browser, some page FunSafeTab.com appeared
I can't do anything expect :
1.install the software (hmmm..... no...)
2.close the window
I've "purge" Vivaldi and reinstalled this : same thing
HELP !!!

[modedit] changed title

Pesala

Download a free copy of Malwarebytes and run it to clean your system. Malware is installed by some bad download sites, it has nothing to do with Vivaldi.

Zalex108

@Pesala

@Sachouille
Is using Linux.

@Sachouille

What is the latest installed extension?
Or software?

---

Windows 10 (x64) | Anniversary Update
Vivaldi Stable · Snapshot

Vivaldi Reset and Back up

Pesala

@zalex108 Oops!

There are plenty of malware tools for Linux too.

Steffie

@sachouille This is a textbook illustration of the importance of sandboxing all browsers [& all other internet-facing pgms too, IMO]. Once you have solved the current problem, i suggest you very seriously consider installing & using Firejail https://firejail.wordpress.com/

Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table.
Written in C with virtually no dependencies, the software runs on any Linux computer with a 3.x kernel version or newer. The sandbox is lightweight, the overhead is low. There are no complicated configuration files to edit, no socket connections open, no daemons running in the background. All security features are implemented directly in Linux kernel and available on any Linux computer. The program is released under GPL v2 license.

Firejail can sandbox any type of processes: servers, graphical applications, and even user login sessions. The software includes security profiles for a large number of Linux programs: Mozilla Firefox, Chromium, VLC, Transmission etc. To start the sandbox, prefix your command with “firejail”

Eg, here's my custom launchers for my V's:

1. firejail --blacklist=/Seagate -- vivaldi-snapshot --disk-cache-dir=/tmp/vivaldi-snapshot-cache
2. firejail --blacklist=/Seagate -- vivaldi-stable --disk-cache-dir=/tmp/vivaldi-stable-cache

Without FJ, a malicious external actor has access to your /home/sachouille directory, somewhere within which i assume now lurks the intruder code. With FJ, the only access available is to this restricted subset [compare these to your unrestricted ones now, to see the radical difference]:

As per the video in the FJ link above:

From https://firejail.wordpress.com/documentation-2/basic-usage/ :

Any type of GUI programs should work. Sound, video and hardware acceleration available on the host platform, should also be available in the sandbox. This makes Firejail ideal for running untrusted programs such as Google Chrome, Dropbox, Skype, Adobe Reader, games.

Sachouille

@pesala I know this, I meant "I have a virus in my Vivaldi" not "Vivaldi is not clean"

Sachouille

@zalex108 the latest version?
I don't know. In fact I've installed a beta version and it's a auto-update
So, the latest was the version before the latest
the latest extension, I think is the same in "Vivaldi" (I have both, Vivaldi and "snapshot") was "Nimbus screenshot'
and the latest software.... I really don't know, sorry

How to reset Vivaldi settings
Go to vivaldi://about or to the Help menu > About Vivaldi.

Like I said yesterday :
I can't do anything expect :
1.install the software (hmmm..... no...)
2.close the window
I've "purge" Vivaldi and reinstalled this : same thing

and if the issue is due to an extension, how can I remove it? I can't find the "extension" folder..

Sachouille

I(ve tried to install an older version of Vivaldi : the only page I can see it's the "parameters"
nothing else
close
:-c

Sachouille

désolé je passe en français :
je suis assez perplexe je ne trouve RIEN sur mon problème
il existe sur Windows, il y a plein de pages avec plein d'antivirus mais pas une page ne parle de "FunSafeTab" pour linux
c'est fou, ça !!!
j'ai cherché un fichier dans lequel il pourrait y avoir une ligne avec l'indication "démarrer avec FunSafeTab.com" mais je ne trouve pas

Sachouille

@gwen-dragon
it would be nice if, like I said twice :
I can't do anything

I've searched for all "vivaldi-snapshot" forlder, deleted them (because some are still here with a "remove" and "purge" command
I'm installing another latest version.... and I return here

Sachouille

@gwen-dragon
ok, what I said in the last message works

I will do what you asked me to do, it's better

if everything works : THANKS FOR ALL YOU GUYS !!

Zalex108

@pesala said in Got malware with Vivaldi-snapshot:

There are plenty of malware tools for Linux too.

I knew about Mac, but didn't know about the whole Linux suffering from Malware/Virus.

Despite that, web browsers are not OS related - mostly -.

Zalex108

@sachouille said in Got malware with Vivaldi-snapshot:

@gwen-dragon
ok, what I said in the last message works

I will do what you asked me to do, it's better

if everything works : THANKS FOR ALL YOU GUYS !!

But don't remove Vivaldi profile folder yet, rename the folder, then copy Bookmarks or any needed file - taking care do not copy the infected one -.

File explanation on the "Reset the Vivaldi Profile" link that @Gwen-Dragon gave.