Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

ALERT: Please treat content from facilitatedigital.net and trueffects.net with extreme caution

August 31st 2010

  Malvertizing featuring “Gilt Man” has been seen coming from facilitatedigital.net – note that facilitatedigital.net was mentioned in my earlier blog post.   facilitatedigital.net ICANN Registrar: TODAYNIC.COM, Inc Created 29 July 2010 IP: 72.9.236.172 – Global Net Access Llc Shares IP with trueffects.net Registrant: Harold A Mcconville (haroldamcconville@gmail.com) ***** trueffects.net ICANN Registrar: TODAYNIC.COM, Inc Created […]

Read On Comments Off

ALERT: Starcom Mediavest Group are being impersonated

August 30th 2010

The real Mediavest domain is mediavestww.com (note the ww).  The impersonators are using mediavestw.com (note, just one w) mediavestw.com ICANN Registrar: Melbourne IT, Ltd D/B/A Internet Names Worldwide Created 6 August 2010 IP: 69.195.140.33 – Yahoo! Inc Registrant: hidden behind myprivateregistration.com

Read On Comments Off

Tepuro Advertising leads us to some more bad names – please treat all domains with extreme caution

August 30th 2010

Thanks to industrypace.com for the info (the only thing I would point out is that just because they use a Chinese registrar, doesn’t make the bad guys themselves Chinese…).  There is link to a youtube video in the industrypace.com article which allows you to listen to the voicemail potential victims are directed to when they […]

Read On Comments Off

ALERT: phg-media.com has nothing to do with Zedo

August 25th 2010

phg-media.com were caught laying the groundwork for an attempt to impersonate Zedo (see the screenshot below captured before the site disappeared).  Please be aware that phg-media.com have nothing to do with Zedo. Safe Browsing Report – 63 scripting exploits and one trojan: http://www.google.com/safebrowsing/diagnostic?site=phg-media.com    phg-media.com ICANN Registrar: EVOPLUS LTD Created 21 June 2010 IP: 206.217.208.36 […]

Read On Comments Off

ALERT: Please treat content from Tepuro Advertising with extreme caution

August 20th 2010

  The source of the “Curves” Creative pictured is Tepuro Advertising.  Their domain, tepuro.com has only been registered since 26 July 2010, and was registered via BIZCN.COM. tepuro.com ICANN Registrar: BIZCN.COM Created 26 July 2010 IP: 63.247.93.29 – Global Net Access Llc Registrant: Tepuro Registrar, Domain Admin, domains@tepuro.com

Read On Comments Off

ALERT: Watch out for Bellas Interactive….

August 3rd 2010

Bellas Interactive have been highlighted as attempting to sell malvertizing to Casala Media in two of the most well written articles I have seen about malvertizing in a long time. Suspected Malvertiser Posting As Legitimate Ad Agency Anatomy Of An Attempted Malware Scam   bellasinteractive.com has not appeared on this blog before, but all of […]

Read On Comments Off