Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Email just sent to the online contact address responsible for advertising on www.allmusic.com

November 19th 2007

Here it is… now we just wait and see if they respond, and how they respond… watch this space… Note that the ‘sent’ date and time is obscured to disguise my current time zone – you’ll understand why I do that if you read the article referenced, “Winfixer hide ‘n’ seek: explaining why some people […]

Read On Comments Off on Email just sent to the online contact address responsible for advertising on www.allmusic.com

Malicious banner advertisements at www.allmusic.com

November 19th 2007

Once again we are going to see some familiar names – blessedads and prevedmarketing. I have received numerous complaints about malicious banner advertisements being displayed at www.allmusic.com.  The banner advertisement that I saw redirects victims to a site touting something called Deuce Cleaner Inc.  Interestingly, there is little to be found via various Google searches […]

Read On 3 Comments

Negligent technical support advice from TomTom

November 19th 2007

Never never never never NEVER tell users to turn off their computers firewalls. You can read my brief dialogue with TomTom’s technical support here – yes, I suppose I should have tried switching from wireless to wired before contacting TomTom, but all other downloads from their service were working just fine – it was only […]

Read On Comments Off on Negligent technical support advice from TomTom

Do me a favour – dump Symantec

November 14th 2007

Check this out:http://msmvps.com/blogs/hostsnews/archive/2007/11/14/1309806.aspx I ask you, can you trust an antivirus product that cannot distinguish an advertisement or cookie related URL and a “if you can’t get to this address you can’t update your antivirus” URL? In the current environment, where advertising networks are being compromised all over the world, and any web site could serve […]

Read On 2 Comments

MalwareAlarm again.. this time it’s www.ok-magazine.com

November 14th 2007

This afternoon, let’s have a look at the hijack that is affecting www.ok-magazine.com, right on the front page. The dangerous SWF is hosted by r2d2advertising: r2d2adverising.com/edges/fast_get.php?bs=763392451522918384433822949288977796434723741732 From there we’re dragged through to newbieadguide.com: newbieadguide.com/statsa.php?campaign=2fact0ry&u=1194994157514 We then bound over to blessedads: blessedads.com/?cmpid=2fact0ry&adid=gsd2 And prevedmarketing.com: prevedmarketing.com/?tmn=mwatmp&aid=2fact0ry&lid=gsd2&ex=1&ed=2 And end at, you guessed it, scanner2.malware-scan.com: scanner2.malware-scan.com/4_swp/?tmn=mwatmp&aid=2fact0ry&lid=gsd2_ao_3958_0_10228_ao_&ex=1&ed=2&tmn=null&mt_info=3958_0_10228 I am sure, gentle reader, […]

Read On 2 Comments

Sensis respond to the MalwareAlarm outbreak…

November 14th 2007

…and they say thank you.

Read On Comments Off on Sensis respond to the MalwareAlarm outbreak…

Sensis update – the advertisements are gone

November 13th 2007

Both of the Sensir URLs mentioned earlier in the article are now 404 – that’s a good thing. medrx.sensis.com.au/content/SkyAuction/106804/skyauction_300x250.swf  – dead medrx.sensis.com.au/content/SkyAuction/106804/skyauction_728x90.swf – dead Now, if only we could get the problems in the USA and UK cleaned up as easily – I’ll be posting later about very similar redirects that are hitting visitors to […]

Read On 1 Comment

Sensis update

November 13th 2007

The local Sensis branch is closed, so I had to call the 1800 number. Sensis staff now have a Fiddler capture from me that proves that the redirect is occurring, they have my cell phone number, and my email address, and they have information about my various blog posts about this incident. Now we wait and see […]

Read On Comments Off on Sensis update

Another dangerous Sensis advert

November 13th 2007

Same advert, different size: medrx.sensis.com.au/content/SkyAuction/106804/skyauction_728x90.swf  

Read On 2 Comments

www.whitepages.com.au – the problems continue

November 13th 2007

The malicious Flash advertisement is still being displayed, and is still hijacking visitors to the web site. I’ll continue to check throughout the day. Sensis has not responded to my attempt to contact them last night.

Read On 2 Comments


Archives