Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

A closer look at the Curves SWF

February 29th 2008 in Uncategorized

Interesting. 


“openadstream.net/ad0.php?url=http://ad.doubleclick.net/click/nxtgcbb80290000125ave/direct/wi/ai&key=V24567233828272323&c=127500043”
“iexplorer-security.org/?id=463400043”


iexplorer-security.org has hidden some information behind Privacy Protect, but we can find out some things.


First, iexplorer-security.org is hosted by Masterhost in Russia.  Second, its nameservers are provided by the infamous eshosst.com (aka estdomains) – the list of malicious/fraudulent domains associated with Estdomains is staggering.


I’ll need to get in touch with Doubleclick about their appearance in a variable.


 


Comments are closed.

Just like Skyauction, Emusic and QPAD before them, Firstchoice have advised that they have nothing to do with the malicious advertisements featuring their company.
I quote the contents of an email from Firstchoice to the web site that supplied the copy of the malicious advertisement from Forceup to me for analysis:
“1. Our site [is] firstchoice.co.uk not […]

Previous Entry

Oxfam does fantastic work – in fact several people received “Oxfam Unwrapped” gift cards from me for Christmas (donations on their behalf) – and it makes me FURIOUS to see Oxfam’s good name taken advantage of, and a malicious advertisement featuring their name used as a conduit to fraudware. I received a sample SWF today, […]

Next Entry

Archives