HTM file downloaded by itself - HTM smuggling attack?

vtmk78
vtmk78 Posts: 3 New Member
in Device Protection

Hi,

While using Firefox, a .htm file of 0 bytes downloaded by itself. I did not open the file.

Could this be a case of a HTML smuggling attack and what should I do?

Complete virus scan did not reveal anything.

Like Awesome

Answers

  • Ukko
    Ukko Posts: 3,817 Superuser

    Hello,

    As stated in your other topic - likely a safe glitch or whatever design.

    This may not be such a rare situation (with Firefox or any other browser downloading / creating empty!? or more likely 0 bytes .htm random file), but I'm not sure I can advise on how to find the cause.

    Probably the easiest way is to understand when they appear (is it simply launching a browser; or launching a browser with specific extensions / addons; or visiting a certain website, and so on). Then, maybe to prevent autodownloading (if this is the case) and to set up it as "Always ask what to do with downloads" (just to prevent any 'broken' unexpected downloads).

    Then to find out where they are located (I mean, you already know this - but to share this information). Maybe it's a cache? Or whatever pieces of visited website / page on-the-fly (served stream or something, which browser decided to download as .htm).

    I do not think this state is related to "HTML smuggling", partially because the idea and style of such 'attack' or 'way' is rather obvious (as for me) with user's interaction. I do not see the point of using .htm or .html file stealthy in user's system instead of something more directly dangerous right away (when there is such an opportunity with downloading 'anything' by itself).

    Thanks!

    Like Awesome

Categories