Spyware Sucks

But here is the dirty little secret of browser security: Even if every Internet browser made today were completely bug-free, it wouldn't stop malicious hackers and malware. Why? Because the vast majority of successful malicious exploits today don't exploit buggy browsers, but rather unwitting end-users. That is, Web-based malware is successful because end-users are intentionally installing it! Most exploit code doesn't search for an unpatched vulnerability, but simply asks the user to install. - Roger Grimes, Infoworld

"There is no magic fairy dust protecting Macs" - Dai Zovi, security researcher and co-author of The Mac Hacker's Handbook.

A malvertizement featuring XE Radio rears its head again

Interestingly, the malvertizement features the same campaign as the MediaMan malvertizement that Kimberley found on isuisse, iquebec, ibelgique and ifrance back on 10 July.

Screenshots of the XM Radio malvertizement:

We see various domains when hit by a malicious redirect, including:

stathisranch.net/crossdomain.xml

stathisranch.net/c/index.php?<<removed>>

profitabill.com/?cmpid=asbarrator (this is the same as the MediaMan malvertizement mentioned above)

adnetserver.com/?<<removed>>

adverdaemon.com/?<<removed>>

antispywaremaster.com/data/<<removed>>

sicherheitstool.com/kontroller/?<<removed>>

Published Tue, Jul 15 2008 13:43 by sandi

Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits

Spyware Sucks

This Blog

Syndication

Search

Tags

Community

Archives

News

A malvertizement featuring XE Radio rears its head again