Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Malvertizers stealing old, watermarked graphics

April 30th 2010

  There are reports of a malvertizement incident using a “Curves” malvertizement. Note the watermark on the advertisement (which was being served via a domain that is attempting to spoof mediaplex: adfarm.mediaplex.com.rulash.com/banners/load.php?id=215411729).  I am sure that watermark belongs to Kimberley of Bluetack, which means that the miscreants have simply stolen a screenshot of an old […]

Read On Comments Off

Not again – this time it is the “Family Link” application on Facebook

April 26th 2010

  Visually the advert is identical to the one that was hijacking Facebook visitors using Farm Town, and again the malvert is hitting justimpression.com.  This time, though, the campaign does not seem to be targeting Australians.     If we look at the SWF itself we see:  

Read On 1 Comment

Sometimes it isn’t malvertizing….

April 26th 2010

I’m still keeping an eye on the Farm Town forums, now that they’ve caught my eye because of the malvertizing incident and the amazing 30+ page complaint thread on their forums (all of the old posts were deleted from that thread on or close to the 20th of April, btw). Anyway, the complaint seen in […]

Read On Comments Off

More trouble at cubics.com

April 17th 2010

Again, a Facebook application is affected, but this time it is users in the United States (and perhaps elsewhere) who are being targeted.  The App owner, cubics.com and Facebook have all been notified of the incident and given the necessary evidence. The advertisement displayed when I test the social.bidsystem.com URL changes all the time.  That […]

Read On 3 Comments

One last post on the Farm Town malvertizement incident

April 13th 2010

I posted this to Farm Town here:   This response was posted, just 14 minutes later – note that my post was edited not once (by “candlelight”), but twice – once to disable the links (which I don’t have a problem with) and then again over 12 hours later (by “Heddryin”?) to remove the links […]

Read On 2 Comments

Update on Farm Town

April 12th 2010

I received an email from adknowledge.com 50 minutes ago to advise that they have identified and taken down the malicious advertisement. There is, of course, much that needs to be addressed.  How did the advert get in in the first place? If Farm Town were approached and accepted the advert, who gave it to them? […]

Read On 6 Comments

Conrad digs deeper

April 12th 2010

Oh boy… Conrad took a look at the traffic hitting justimpression.com http://blog.dynamoo.com/2010/04/farmtown-impressionclubcom-and.html   One thing I will point out is that those stats are for people visiting justimpression.com who are based in the United States.  It seems that the Farm Town malvertizement on Facebook is geotargetted and hitting UK and Australian players.  Alexa reports that […]

Read On Comments Off

More on the Malvertizing problem

April 12th 2010

Graham Cluney writes: http://www.sophos.com/blogs/gc/g/2010/04/12/farm-town-virus-warning-malvertising-work/   And there is a *big* thread on the Farm Town forums: http://slashkey.com/forum/showthread.php?s=0ac5ce13b15397a9577dee639cf9e205&t=204626   I’m going to join that forum and post to that thread.   And here’s a screenshot of the malvertisement in situ:

Read On Comments Off

Confirmed – the FarmTown application on Facebook is displaying malicious advertising

April 12th 2010

IMPORTANT NOTE: THE APPLICATION AFFECTED IS FARM TOWN, NOT FARMVILLE.  THE ORIGINAL ARTICLE HAD ‘FARMVILLE’ IN THE TITLE – THAT WAS QUICKLY AMENDED BUT SOME RSS FEEDS MAY HAVE PICKED UP THE ORIGINAL TITLE. Google Chrome’s protections stopped the bad advert from working by rejecting the content from justimpression.com – Internet Explorer’s various protections did […]

Read On 2 Comments

Uh oh… dangerous stuff on Facebook?

April 12th 2010

Seen when a computer was used to access the FarmTown game on Facebook.

Read On 1 Comment