Spyware Sucks
“There is no magic fairy dust protecting Macs” – Dai Zovi, author of “The Mac Hacker’s Handbook”

A new look dottunes malvertizement

May 27th 2008 in Uncategorized

A new style Dot Tunes advertisement:


The adopstools results are here:
http://www.adopstools.net/index.asp?page=quicklink&id=r60Siyiw02bZgpaa 


When the SWF is displayed on a system it hits the following URLs:


traveltray.com/crossdomain.xml


and


traveltray.com/stats.php?u={{removed}}&campaign=ofdidactic


The cross domain policy is allow-access-from domain="*" – in other words, there are no domain restrictions. This document will help you understand the implications of such an open cross domain policy:
http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html




One comment to...
“A new look dottunes malvertizement”

Jeff Ayling

Hi there,

Jeff here from DOT.TUNES.

I’d just like to strongly assure you that this advert was not created by us and we are victims in this.

We would love to find out who is responsible for creating these ads – if anyone can help please let us know.

Thanks

Jeff

