Browse by Tags

All Tags » Security, safety and privacy on the Internet (RSS)
Wed, Apr 29 2009 22:22

A frightening tale of computer infection and its consequences

“ It all started when I wanted to get more performance out of my video card. I download the latest drivers and included this virus. ” Yep, that one simple act turned into an infection nightmare lasting three weeks.  I’m hoping Micky will work out...
Posted by sandi | 6 comment(s)
Filed under: ,
Mon, Mar 9 2009 10:04

ALERT: Please treat the domain statisticsishere.com and measurehits.com with extreme caution

I received this email a short while ago: “ We have been getting a lot of ads accessing scripts from this domain statisticsishere.com. So far there is no malware redirect or download but this domain looks suspicious having been created less than a week...
Posted by sandi | with no comments
Filed under: , , ,
Thu, Mar 5 2009 14:04

Did you know that it is National Zombie Awareness Week in Australia?

I didn’t … http://www.iia.net.au/index.php/zombieweek.html  
Posted by sandi | with no comments
Filed under: ,
Sun, Mar 1 2009 3:37

Now this is scary…. :(

We can only hope that the following was a joke – if not, the implications are very worrying… “ Our computers at the hospital are crashing all the time now. There are so many extra programs, virus and outdated programs running that the operating system...
Posted by sandi | with no comments
Filed under: ,
Thu, Feb 26 2009 23:46

Interesting comment – Best Western malvertizing

The comment was posted here .  I quote: “ My company was approached by a client claiming to represent Best Western with a lower tech version of this.  We were give a static JPG, third one from the top and instructions to paste some odd-looking...
Posted by sandi | with no comments
Filed under: , , ,
Sat, Feb 14 2009 13:24

Please do NOT advise your users to turn off automatic updates because of *one* problem update

The latest “Rollup for ActiveX Killbits for Windows” ( KB960715 ) is causing problems for some third party applications that are dependent on the disabled controls. One application that has problems, “ Office Tools Professional ”, is advising its users...
Posted by sandi | 3 comment(s)
Filed under: ,
Tue, Feb 10 2009 16:42

Lifestyles of the Rich and Infamous, and an update about the status of the FTC versus Innovative Marketing et al lawsuit

I'll include some history of events so that you can get a sense of perspective with regards to the time frame around these events.   It is especially important to note that the FTC lawsuit is not the only problem that Jain is facing. ...
Posted by sandi | 1 comment(s)
Filed under: , , ,
Mon, Feb 2 2009 16:49

I just knew I'd find DIRECTI in there somewhere...

Sunbelt reports that there is a new fraudware domain, being ie-security.com . Let's look at the domain details for ie-security.com: ICANN Registrar: BIZCN.COM, Inc (a name that is appearing far too often in association with malware) Date created:...
Posted by sandi | 1 comment(s)
Filed under: ,
Mon, Feb 2 2009 15:54

More information about Olympic Media shenanigans

Ok, when the hijack triggered via the Olympic Media supplied javascript URL that I mentioned in my previous article triggers successfully we hit: admediastats.com/ts/in.cgi?{{redacted}} From there we end up at sg12scanner.com/{{redacted}} From there to...
Posted by sandi | with no comments
Filed under: , ,
Mon, Feb 2 2009 13:50

Olympic Media are still active

I’ve warned about Olympic Media several times – they continue to be active. The latest reports indicate they are claiming to be operating out of Canada and are supplying javascript code referring to admin.securityclick.net as follows:     Other...
Posted by sandi | 3 comment(s)
Filed under: , ,
Tue, Jan 27 2009 9:42

DIRECTI responds re inaccurate WHOIS complaint time frames

15 days, so they say:   My response? “ This is not good enough.  The domains can be used to facilitate fraud for 15 days? At the very least, posnerpromotion.com should have been isolated before now. posnerpromotion.com redirects to posneradv...
Posted by sandi | 1 comment(s)
Filed under: ,
Mon, Jan 26 2009 14:08

Oh dear, oh dear, oh dear…

Its amazing what we find sometimes… WARNING: I am assuming that my readers are smart enough to *NOT* visit the victim site, or the malicious URLs, without hefty protection in place, yes?  In fact, don’t go there at all unless you are willing to reformat...
Posted by sandi | with no comments
Filed under: , ,
Thu, Jan 22 2009 22:05

DIRECTI finally agree to act

  I sent an email to DIRECTI on the same day that I wrote this blog post: http://msmvps.com/blogs/spywaresucks/archive/2009/01/21/1663955.aspx The email said, essentially, the same thing that I said in that blog post. As you can see, they have initiated...
Posted by sandi | 9 comment(s)
Filed under: , ,
Wed, Jan 21 2009 13:19

DIRECTI responds to my complaint about the impersonation of domains/businesses

  As you can see from their email, DIRECTI advise that they suspended prolinar.com on 19 January for “Inaccurate whois details”.  It should be noted that I reported on 16 January that prolinar.com had already disappeared from its previous IP...
Posted by sandi | 4 comment(s)
Filed under: , ,
Mon, Jan 19 2009 21:59

Spotting the bad guys…

It is very important to be familiar with the traits and suspicious behaviour/signs common to domains associated with malware, fraudware and malvertizing, affiliate misbehaviour and whatnot. By studying what the bad guys are doing, and how they do it,...
Posted by sandi | 2 comment(s)
Filed under: , ,
Fri, Jan 16 2009 22:42

ALERT: Please treat all content from topstarmedia.net and osmedlin.com with extreme caution - do we find DIRECTI? Yes we do!

I received an email alert today reporting that topstarmedia.net is supplying JavaScript code for advertising campaigns as follows: osmedlin.com/?id=<<removed>> To quote my correspondent, topstarmedia’s approach had "ll the hallmarks-...
Posted by sandi | with no comments
Filed under: , ,
Thu, Jan 15 2009 12:49

Glowing brain malvertizement – and, once again, we find DIRECTI

  Adopstools results: http://www.adopstools.net/index.asp?page=quicklink&id=26gBv5P94L5CW849   Touches the domain adclickmate.net Registrar: DIRECTI (yet again) Created 24 March 2008 NS1.ADCLICKMATE.NET NS2.ADCLICKMATE.NET IP: 212.95.37...
Posted by sandi | with no comments
Filed under: , ,
Thu, Jan 15 2009 12:03

Potential malvertizement featuring the Disney movie “Bolt”

  Adopstools results: http://www.adopstools.net/index.asp?page=quicklink&id=YNgNHCUFU1pAgA94
Posted by sandi | with no comments
Filed under: , ,
Tue, Jan 13 2009 8:09

Directi Internet Solutions strikes again

I ask you – just how obvious does the impersonation of a legitimate company have to be before Directi notices and stops a site from going live *before* it can do harm??? quigley-simpson.net Registrar: DIRECTI INTERNET SOLUTIONS Created 17 December 2008...
Posted by sandi | 6 comment(s)
Filed under: , ,
Mon, Jan 5 2009 8:15

ALERT: traffichunter.net and traffichunters.net – spot the similarities to Olympic Media

I think it is fair to say that all content from traffichunter.net and traffichunters.net should be treated with extreme caution. First of all, I received an email warning me that there are remarkable similarities between the Olympic Media web site and...
Posted by sandi | 3 comment(s)
Filed under: , ,
More Posts Next page »