Kimberley reports on the incident. Userplane is a wholly owned subsidiary of AOL (yes, I have written to my contacts there), and Kimberley is getting in touch with the appropriate people at MySpace to try and get this shut down ASAP. Some important notes for the curious. The advertisement itself is a simple JPEG […]
No. Am I surprised? No. Why haven’t they fixed the problem yet? You tell me and we’ll both know. Maybe they *like* the fact that all of the links on their Products page are broken. The fact that the malicious URL is not working is no excuse. According to the John Sands web site, the […]
It is all over the popular press – Websense have announced that they have found malicious script on the John Sands web site:http://securitylabs.websense.com/content/Alerts/3268.aspx I can only hope that WebSense, and all of the negative press that their announcement has triggered, will finally get John Sands to clean up their act and fix the problems with […]
Back on 17 December 2008 I wrote about malvertizements being distributed by criminals impersonating the legitimate Koeppel Interactive (the legitimate site being koeppelinteractive.com). The fake site, koeppelinteractive.co.uk, is now inaccessible; its name servers have been changed to “ns1.suspended-domain.com” and “ns2.suspended-domain.com”. Koeppelinteractive.com have added an alert to their site warning about the impersonation. For what its […]
Adopstools results:http://www.adopstools.net/index.asp?page=quicklink&id=RC567srdR4afU35z The malicious ad hits two URLs: freegreenstats.com/c/index.php?id=<<snipped>> (79.135.187.95) and statisticsmanager.com/?cmpid=<<snipped>> (76.74.249.30) cookie dropped for adnetserver.com From statisticsmanager.com we are redirected to: onlinestatsmanager.com/ts/in.cgi?<<snipped>> (76.74.249.9) to: scan.freescanner-proas2009.com/<<snipped>> (78.26.179.130) <– Directi registered domain The Installer is downloaded from: files.pro-antispyware-dl.com/load/<<snipped>>.exe <— Directi registered domain Comment: I am beginning to wonder why it is […]
Well well, people have been busy. Various documents were filed on the 17th, including: Entry of Appearance on behalf of Mark D’Souza by Counsel Russell D Duncan of Orrick, Herrington & Sutcliffe Entry of Appearance on behalf of Sam Jain by Counsel Edward Wisneski of Patton Boggs A joint Response to Order to Show Cause […]
“We sometimes forget that Justice wields a sword…” My regular readers will recall that the temporary restraining order won by the FTC expired on 12 December 2008 at 6.15pm, and that each individual, corporate and relief defendant was ordered to appear before the Court at 3.30pm on that same day to show due cause […]
It has come to my attention that malvertizements are being sold to web sites by people using the domain koeppelinteractive.co.uk. I’ll quote a representative of the site who was stung by somebody representing koeppelinteractive.co.uk – they were sold malvertizements that immediately started hijacking visitors, redirecting them to fraudware sites via livestream-tds.com. The victim says: “It […]
Announcement here:http://blogs.technet.com/msrc/archive/2008/12/16/advance-notification-for-december-2008-out-of-band-release.aspx The patch resolves the actively exploited vulnerability that has been in the press so much in recent days, and which is the subject of this Security Advisory:http://www.microsoft.com/technet/security/advisory/961051.mspx
getmosales.com stood out in my last post, because it was the only domain listed in that report to have been moved behind a WHOIS privacy protection service. A quick search for the domain using various search engines reveals that the site used to have the following text: “SoftwareProfit – affiliate software application. Earn money with […]