Landing on “militarymoms.eu” a “Parked Domain“, where the clicks are controled by Overture (Yahoo Advertising) and as you can see below the link routes you to a known Malware infection (Trojan.Codec)
It appears that Yahoo has failed to keep an eye on what some of these underhanded Domain Parkers are doing. Redirecting clicks (Pay-per-Click) just for the sake of a few cents is not new, but let’s hope they get better control over those using their services. This is not the first time I have blogged about “free3xmovies”, where Clickz are promoting the same Malware site. It’s all about the $$$ folks no matter how they get it …
Luckly I have *.overture.com listed (recommended) in the Internet Explorer Restricted Zone, so I get a prompt before the redirect is completed. This way I can see where the click is going and clicking No kills the connection.
DANGEROUS: LinkScanner Online has found
[Trojan Fake Codec]
Detail: Exploit: Trojan Fake Codec
This appears to be a fake codec. An increasingly common ploy is to offer to play a free video, and then to tell you that your computer cannot display the video, and needs a new codec, and “Click here for the new codec”. The victim is prompted to install the codec, and sometimes gets to see the video, and sometimes doesn’t, and usually is able to uninstall the “codec”. What the victim doesn’t realize is that it usually leaves behind a rootkit.
McAfee’s SiteAdvisor states basically the same with a little more detail … “rc23.overture.com” will be added to the next HOSTS file update. Now just to be fair I should point out that Google Adsense is also involved, but as you can see above (highlighted in red) that entry is already blocked.