Browse by Tags

All Tags » Malvertizing (RSS)
Wed, Nov 18 2009 7:58

FTC versus Innovative Marketing et al - developments

As we know, Jain's legal counsel have applied for leave to withdraw as his attorneys of record.  They have not been given permission to withdraw yet, and the deadline for Jain to respond to the FTC's renewed motion for sanctions was nigh...
Posted by sandi | 1 comment(s)
Filed under: ,
Mon, Nov 16 2009 9:49

FTC versus Innovative Marketing et al - Sam Jain's legal counsel request leave to withdraw as attorneys of record

In a not unsurprising development, legal counsel for Sam Jain have petitioned the Court for permission to withdraw as attorneys for Sam Jain.  The FTC does not oppose the request, but does object to any further extension of Mr Jain's time to...
Posted by sandi | with no comments
Filed under: ,
Wed, Nov 11 2009 11:33

FTC versus Innovative Marketing et al - developments

Innovative Marketing and Daniel Sundin are still unrepresented. 09/16/2009 ORDER denying Motion of Marc D'Souza to Dismiss the Complaint. DIRECTING D'Souza to answer the complaint within 20 days. Signed by Judge Richard D Bennett on 9/16/09. "...
Posted by sandi | with no comments
Filed under: ,
Mon, Nov 9 2009 22:08

Ponderings about the incident that hit Gizmodo (courtesy of Gawker)

While I was on holidays, a malvertizing incident hit Gizmodo (via advertising sold to Gawker).  The miscreants impersonated the legitimate advertising agency Spark Communications, registering the domain spark-smg.com (the real domain is sparksmg...
Posted by sandi | with no comments
Filed under:
Fri, Oct 2 2009 22:05

I have received the Microsoft MVP Award – for the 11th time

    I received an email today advising me that I have been awarded Microsoft MVP status for the 11th time. Unlike my previous 10 awards, this time I have been awarded Microsoft MVP under the specialty “Consumer Security: Training” instead of...
Posted by sandi | 5 comment(s)
Filed under: ,
Sun, Sep 20 2009 15:39

ALERT: Please treat content from extrabanner.com with extreme caution

  Regular readers will recognize the domains t.banner09092.com and blackwater-cuprumworks.net – they were the domains used to attempt infection of computers via various security exploits: http://msmvps.com/blogs/spywaresucks/archive/2009/09/12/1722754...
Posted by sandi | with no comments
Filed under:
Tue, Sep 15 2009 14:08

Ponderings about the New York Times malvertizing incident

It has been all over the popular press – the New York Times web site had been tricked into accepting a malvertizement that was hijacking some visitors to that site and dumping them at a web site touting fake security software.  And, in a move that...
Posted by sandi | with no comments
Filed under: ,
Sat, Sep 12 2009 18:16

ALERT: Please treat content from trendbanner.com with extreme caution

  It has been implicated in the facilitation of malvertizing that attempts to infect computers via PDF exploit The way it works is as follows: ad.trendbanner.com uses document.write to load the JS content at banner.pushbanner769.info banner.pushbanner769...
Posted by sandi | with no comments
Filed under: ,
Fri, Sep 11 2009 10:43

Alert: please treat content from kennedales.com with extreme caution

I have received information that kennedales.com has been implicated in a malvertizing incident.  I noted in my last blog post that kennedales.com shares IP address with two other domains that have already been caught facilitating malvertizing but...
Posted by sandi | with no comments
Filed under:
Thu, Sep 10 2009 10:30

Another two bad domains: newadsresults.com and waveadvert.com

Seen distributing malvertizing at starnewsonline.com: http://forums.starnewsonline.com/eve/forums/a/tpc/f/6431032365/m/7121097019/r/9841029019 And collegehumor.com: http://www.facebook.co.za/CollegeHumor And tigerdroppings.com: http://www.tigerdroppings...
Posted by sandi | 2 comment(s)
Filed under:
Sun, Sep 6 2009 18:53

ALERT: The gogomediacenter.com incidents continue

I have a few more domains for you… mediadison.com ICANN Registrar: BIZCN.COM, INC Created 6 July 2009 IP: 212.117.166.77, Luxembourg, Root Esolutions Sharing IP with the following domains, all of which should be treated with extreme caution: 2ez4clicks...
Posted by sandi | with no comments
Filed under:
Fri, Sep 4 2009 18:15

ALERT: Please treat the domains gogomediacenter.com, sys17media.com and praharesorts.cn with extreme caution

It is very interesting to watch the modus operandi that the bad guys are using change. This malvertizement was NOT seen on a web page; rather it was being displayed by an advertising supported freeware application. The trouble starts when an ad.yieldmanager...
Posted by sandi | with no comments
Filed under:
Fri, Sep 4 2009 12:18

ALERT: Impersonation of legitimate advertising networks and companies

This investigation began after I was alerted to the fact that somebody has been posing as a Vonage representative, and using the domain vonage-inc.com while doing so. The domain vonage-inc.com was created on 5 August 2009, and the ICANN Registrar is BIZCN...
Posted by sandi | 3 comment(s)
Filed under:
Tue, Aug 25 2009 16:37

ALERT: More malvertizing via Facebook applications?

Last time it was “Human Gifts” (aka Owned) that I wrote about on August 3: ALERT- Malvertizing on Facebook and gaiaonline.com   This time it is the “We’re Related” application – an incident reported on August 18 http://community.tigranetworks.co...
Posted by sandi | with no comments
Filed under:
Thu, Aug 20 2009 21:12

Malvertizement featuring careerbuilder.com

Thankfully it tries to load content from a known bad domain that is not responding.        
Posted by sandi | with no comments
Filed under:
Wed, Aug 12 2009 12:37

FTC versus Innovative Marketing et al – developments: Innovative Marketing and Daniel Sundin

An Order of Default was entered against Innovative Marketing and Daniel Sundin on 6 August 2009 “ for want of answer or other defense ” . Regular readers will know that Innovative Marketing and Daniel Sundin have ignored the FTC action right from the...
Posted by sandi | 1 comment(s)
Filed under: ,
Tue, Aug 11 2009 11:00

Malvertizement featuring TravelRes

    The malvertizement attempted to load a clickrevenue.info URL, and features the now familiar ‘dynamic text’:   clickrevenue.info ICANN Registrar: REGTIME LTD Created 21 July 2009 NS1.NAMESELF.COM (89.108.122.149 - Agava) (195.161.113...
Posted by sandi | with no comments
Filed under:
Mon, Aug 3 2009 0:28

ALERT: Malvertizing on Facebook and gaiaonline.com

  This investigation started after I read a report by a fellow member of the security community that his mother had called him downstairs " because her screen had been filled with warnings and download boxes whilst she was on Facebook's...
Posted by sandi | 4 comment(s)
Filed under: ,
Thu, Jul 30 2009 15:11

FTC versus Innovative Marketing et al - developments re Sam Jain

Regular readers of this blog will know that Sam Jain filed a motion for protective order requiring deposition to proceed by written questions, a motion which was DENIED on 22 July 2009. Sam Jain has now refused to be deposed, even refusing an offer from...
Posted by sandi | 3 comment(s)
Filed under: ,
Tue, Jul 28 2009 12:17

FTC versus Innovative Marketing et al - developments

A win for Marc D'Souza. The preliminary injunction is to be modified as followed (the FTC indicated that it had no objections to the language of the amendments): "F. The Assets affected by this Paragraph shall include existing Assets of any Corporate...
Posted by sandi | with no comments
Filed under: ,
More Posts Next page »