Spyware Sucks

"There is no magic fairy dust protecting Macs" - Dai Zovi, security researcher and co-author of The Mac Hacker's Handbook.

"The Biblical wisdom “pride comes before a fall” needs to be foremost in the minds of security professionals. There are several aspects to this truth, but it starts with believing it is true. For one, the bad guys are always getting better and trying to get in. They are working harder than ever to defeat whatever you are doing to protect your enterprise. This knowledge alone will change your perspective on your job and when you are “done". What worked today may not work tomorrow. In this light, be careful about the promises you make to others regarding security and the protections you are deploying." - Dan Lohrmann

DANGER! Whitepages.com may be displaying malicious advertisements

~~Note this incident is as yet unconfirmed. Report received via email:~~

UPDATE: THE REPORT HAS BEEN CONFIRMED - PLEASE USE CAUTION WHEN VISITING WHITEPAGES.COM:
http://msmvps.com/blogs/spywaresucks/archive/2007/08/22/1129296.aspx

DO NOT VISIT THE URLS PROVIDED!!! YOU MAY INFECT YOUR SYSTEM

"we often use whitepages.com in our work, going as far as leaving it open all day. starting yesterday our virus scanners noted several attempted malware installations. They appear to be coming from a banner ad that is in rotation. The address of the ad itself is hXXp:// hotest-tgp-pics.com / ?id= booker and that redirects to other pages that attempt to autoinstall the malware without user intervention. the 2 sites I have seen so far are hxxp:// scanner.malwarealarm.com /5/?advid= 1500 and hxxp:// scanner.spy-shredder.com /4/? advid= 1553. I sent an email to abuse@whitepages.com and webmaster@whitepages.com but have not yet received a response."

Published Wed, Aug 22 2007 8:48 by sandi

Filed under: Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits

Comments

# re: DANGER! Whitepages.com may be displaying malicious advertisements

Tuesday, August 21, 2007 11:14 PM by Seth Crosby

Yup, just happened to me now. Whitepages.com is not safe.

# re: DANGER! Whitepages.com may be displaying malicious advertisements

Wednesday, August 22, 2007 1:00 AM by sandi

@ Seth

whitepages.com have been informed and have responded to the alert email. They've also been given my details so that they can get in touch if they require assistance tracking down the rogue advertisements.

# re: DANGER! Whitepages.com may be displaying malicious advertisements

Sunday, October 07, 2007 12:36 PM by Gary

Some time has gone by now. scanner.spy-shredder.com/4 still says "Affiliate account has been blocked". The offending ad account was evidently removed from the pool by that particular advertising service whitepages.com subscribes to.

The ads allow an otherwise expensive service to be free to us.

Those advertising services are the real source of the offending ActiveX advertiser ever propogating out to the world through them, how could we identify and establish a dialog with the ad agency directly, rather than one of their customers (customers like whitepages.com).

Thanks for your efforts.

Spyware Sucks

This Blog

Syndication

Search

Tags

Community

Archives

News

DANGER! Whitepages.com may be displaying malicious advertisements

Comments

# re: DANGER! Whitepages.com may be displaying malicious advertisements

# re: DANGER! Whitepages.com may be displaying malicious advertisements

# re: DANGER! Whitepages.com may be displaying malicious advertisements