Good evening. Please bear with my long post because I want to make sure that whoever responds has all details that are necessary to help. Apologies if it is a long-winded explanation.
Yesterday, I was talking to somebody and had Google Images open as I was trying to find screenshots of a show. If you’ve ever used Google images, you know that it’s chock full of scummy phishing sites that scrape actual images off of reputable sites and try to profit off of peoples’ confusion/accidental clicking. While talking, I guess I accidentally clicked one of the sites (most sites were normal, standard YouTube/wikia/tiktok/pinterest, etc but there were some that looked strange that I always do my best to avoid). I didn’t realise I’d been directed to a site ( I was busy facing the other way talking) until I looked at my screen again and got scared.
It takes you to the domain even when you click on the image on Google images, so I think that’s what happened.
The one I accidentally clicked on was definitely scraping off of Google Images… I got pretty scared though because it was so sudden so I immediately clicked it off AFTER I realised I’d accidentally clicked on it. But what’s weird about the site itself (afuncan.com was the domain but since I immediately cleared cookies to prevent malware in cookies, I can’t remember the actual site) is that while it hosts itself as an HTML5 game hosting site… it was all just random images off of Google Images. None of it, from the split second I saw the site, looked like games in any way… just random screenshots of a TV show and random art. To be honest, even the name scares me (afuncan just sounds creepy and reminiscent of the phishing ads on YouTube).
While virustotalling just afuncan.com shows up as clean, I found this
https://gridinsoft.com/online-virus-scanner/url/afuncan-com
while trying to research the site, and it seems that it is a phishing site according to that.
I have been trying to find it again so I can check the virustotal, urlscan and hybrid-analysis scans of the URL and domain but I haven’t been able to find it at all. There are a bunch of different sites that have nothing to do with the TV show that show up on the same Google images search but none are afuncan or redirect to it based off of what urlscan says.
When I try to look up the TV show’s name and site:afunscan.com, it doesn’t show up. But I saw the screenshots of the show AND fanart of the show (that was also conveniently on Google Images too, so probably scraped off of the same Google images search) on the site and that’s how I got redirected there on Google Images in the first place, by looking up the TV show. I am starting to believe it either redirected me to that site from a DIFFERENT URL because it genuinely seems impossible to find again.
I did a BitDefender system scan — all clean. I am not sure what else I can do to check because I don’t have the URL. To be clear: I am scared of a “drive-by download”. A decade ago, I accidentally infected a device with a drive-by Trojan that took a month to find and remove. Please, if there’s any advice, let me know. I am not the most tech savvy (still very much a beginner in understanding cybersecurity) but I am trying my best to learn so I can avoid malware and make sure my devices are safe.
I avoided using my PC until the past hour so I can’t comment on the behaviour of my PC.
In said past hour, I saw a terminal pop up while I was playing a video game (I’ve never had a terminal flash when playing that video game, googling “terminal/cmd pop up when playing (name of game)” does not yield any relevant results). That’s why I came here, it just scared me… I have had this PC for months and have never had a random terminal flash before. I immediately shut down my computer but it took a long time to shut down (display was off but the power button light still showed). While the shut down taking a while is most definitely normal, and terminals can flash for a number of reasons according to various Google searches, I am still worried and want to err on the safe side of caution.
I was using Firefox when Google Images redirected me to the site; I have uBlock Origin and a TamperMonkey Adblocker (https://greasyfork.org/en/scripts/505648-universal-ad-blocker/code if you want to check the code) to block ads (my teenagers use the PC too from time to time so I have those for FireFox to prevent them falling for phishing too, otherwise we have 1Blocker for Safari), I also have “Skip Redirect” to avoid random redirects (I realise this can clash with the “it may have redirected me to that site” theory but anything can fall between cracks). This is why after immediately clearing cookies, doing the system scan, I didn’t think much more of it because I assumed my adblockers would protect my device. But, since the site was open for at least more than 3 seconds as I was distracted, I’m still worried, especially coupled with that terminal flash.
Is there anything else I can do to check whether or not the PC is not infected? Thank you in advance.
Also, just to be extra clear: I never clicked on any sites when trying to find the site that scared me, I copied the links from Google Images and inputted them for a scan in urlscan/virustotal.
