Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Now this is scary…. :(

February 28th 2009

We can only hope that the following was a joke – if not, the implications are very worrying… “Our computers at the hospital are crashing all the time now. There are so many extra programs, virus and outdated programs running that the operating system is unable to handle them. Their power supplies can not handle […]

Read On Comments Off

ALERT: Please treat all content from yourdirectmedia.com with extreme caution

February 27th 2009

The following comment was posted to my blog a short while ago: "Be cautious of Yourdirectmedia . Tried to pass us HP ads with malware and gave us Olympicmedia.net, Atlantmedia.net and Ads2revnue for their references." Cite: http://msmvps.com/blogs/spywaresucks/archive/2009/01/05/1658482.aspx#1674640   As you will know, I posted about malvertizements featuring HP earlier today. Regular readers of my blog […]

Read On 1 Comment

ALERT: malvertizement featuring HP

February 27th 2009

I’ve first saw this malvert on 18 February, but am seeing a sudden noticeable upspike in distribution.   I’ll post about the domains being used to facilitate the hijack later.

Read On Comments Off

Heated toilet seats!

February 27th 2009

Yep, that is an enduring impression that I will take away from my visit to Google’s offices – heated toilet seats; that and the slide from one floor to another that went down the stairwell  :o) I was very excited to have been offered the opportunity to visit Google while I was in town.  It […]

Read On Comments Off

Developments in the FTC versus Innovative Marketing lawsuit

February 26th 2009

Well well, it looks like Sam Jain, fugitive from justice, is still around… Court activity: 17 February 2009 – RESPONSE in Opposition re MOTION for Other Relief Order Holding Sam Jain and Kristy Ross In Contempt Of Court And Requiring The Repatriation Of Their Assets filed by Sam Jain. Replies due by 3 March 2009. […]

Read On Comments Off

Interesting comment – Best Western malvertizing

February 26th 2009

The comment was posted here.  I quote: “My company was approached by a client claiming to represent Best Western with a lower tech version of this.  We were give a static JPG, third one from the top and instructions to paste some odd-looking Javascript with the image.  I ran the code in AddOps tools and […]

Read On Comments Off

ALERT: malvertizement on display at jeuxvideo.com

February 17th 2009

Hat tip to Malekal Deja vu – guess what domains are involved in the jeuxvideo.com incident – adclickmate.net and smartadserver.net. IMPORTANT NOTE: PLEASE DO NOT CONFUSE THE MALICIOUS DOMAIN SMARTADSERVER.NET WITH THE LEGITIMATE SMARTADSERVER.COM. Adopstools results – positive: http://www.adopstools.com/index.asp?page=quicklink&id=GOS8G5jCpshG1DtK   Malicious code is hidden within the SWF creative as dynamic text:       We […]

Read On Comments Off

Developments in the FTC v Innovative Marketing et al lawsuit…

February 16th 2009

Filed – Consent motion to withdraw motion to dismiss for lack of personal jurisdiction of defendants James Reno and ByteHosting Internet Services, LLC – 12 February 2009 “By agreement of the Plaintiff the Federal Trade Commission and Defendants James Reno and ByteHosting Internet Services, LLC, and in anticipation of resolution of the claims against said […]

Read On 3 Comments

Please do NOT advise your users to turn off automatic updates because of *one* problem update

February 13th 2009

The latest “Rollup for ActiveX Killbits for Windows” (KB960715) is causing problems for some third party applications that are dependent on the disabled controls. One application that has problems, “Office Tools Professional”, is advising its users to not only uninstall the Killbit patch (thereby restoring the broken functionality), but also to “turn off automatic updates”.  […]

Read On 3 Comments

Announcement: specialized malvertizing search engine portal

February 13th 2009

The Google Anti-Malvertizing Team have created a “custom search engine intended to help ad network customers conduct quick background checks on prospective partners” that can be seen here: Google Malvertizing Research The search engine pulls content from various dedicated forums and blogs, including Spyware Sucks.  It can certainly help reduce the “signal to noise” ratio […]

Read On Comments Off