XM Radio Exposed domain: aboutstat.net XM Radio again Exposed domains: waytotheprofit.com/?cmpid=weannalist and officialstat.com/c/index.php , both of which are known malvertizement domains. waytotheprofit.com/?cmpid=weannalist leads us to an adverdaemon.com URL which then leads on to diskretter.com...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
06-29-2008
Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits
perfectmatch.com Domains exposed: profitabill.com/?cmpid=cancrineso stat-diagnostic-imaging.net/c/index.php profitabill.com Hosted by Plusserver, Germany. Administrative contact is the infamous Serg Moon - WHOIS details are, of course, unhelpful. Note: WHOIS notes that registration services are provided...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
06-29-2008
Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits
First Choice in French (we have seen malvertizements featuring First Choice before - eg: this one in English ) This malvertizement exposes a domain to us, waytotheprofit.com/?cmpid=atrecreant and click.adlbrite.com . adlbrite.com is hosted by nine.ch in Switzerland (yes, the same nine.ch that has hosted...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
06-29-2008
Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits
Information courtesy of Intego , a company specializing in security products for the Mac. Intego has released a security memo describing a trojan horse for the Mac - a poker game that, when run, harvests the username, password and IP address of the victim and transmits it to a server, as well as enabling...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
06-24-2008
Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits
I have received a copy of a new malvertizement featuring gifttree.com. Analysis reveals two malicious URLs, being: waytotheprofit.com/?cmpid=itlocation station-appraisals.com/c/index.php? The waytotheprofit.com URL leads us to an adnetserver.com URL which in turns leads us to a german language fraudware...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
06-20-2008
Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits
First, driveway: waytotheprofit.com/?cmpid=comedogeni&adid=intl statgroup.net/c/index.php?id=WmhuaHhDTEFpUXm7NkiZmOVpYVnd4cGtoPTEyMDgxNjk3MDUmcG56Y252dGE9cGJ6cnFidHJhdgYNkiDgNmYNkiDgNm Next, dreammates: waytotheprofit.com/?cmpid=comedogeni&adid=intl stat-diagnostic-imaging.net/c/index.php?id...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
06-12-2008
Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits
Adopstools.com was not able to analyse the sample that I have, but there is more than one way to get things done. The malicious SWF exposes victims to two different URLs: impressiontracker.com/url/sc_6.php and yourredirect.com/soft.php?aid=000417&d=3&product=XPA The yourredirect.com URL redirects...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
06-08-2008
Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits
A fraudware web site that will *not* close. I see this: I try to close using Red X, I get this: I try to close using the Red X, which has always been sufficient in the past. In this case, the dialogue box goes away but the god-damned window is still open. So, I go have to go to Task Manager and shut...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
05-20-2008
Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits
Washington State Attorney General Rob McKenna today announced another win in the state’s fight to protect consumers from online fraud. A King County Superior Court Judge found that Internet affiliate advertisers Securelink Networks, LLC , and NJC Softwares, LCC , and their officers violated Washington...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
05-03-2008
Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits
Earlier I posted an alert that ReachWe (reachwe.com) has been caught distributing malvertizements . Kimberley has written about another advertising service that shares IP with reachwe.com - P-mediaonline.com - discussed here: http://www.bluetack.co.uk/forums/index.php?showtopic=18064&pid=87048&mode...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
04-27-2008
Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits