Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

ALERT: Please treat advertising at clevescene.net with extreme caution

April 22nd 2009 in Uncategorized

image

 

Same old same old. A rhapsody advertisement.  Reported to clevescene

URL of malvertizement:
72.167.208.179/adserver/www/images/rhapsody728x90.swf

Adopstools results confirming malicious code:
http://www.adopstools.com/index.asp?section=quicklink&id=IN91asr1bK1W3pv3 

URLs encountered:
hitoptimist.com/crossdomain.xml

and:
hitoptimist.com/c/index.php?<<redacted>>

as well as:
statsnclick.com/?cmpid=<<redacted>>

From there we end up at:
crustat.com/ts/in.cgi?<<redacted>>

Before ending up at:
pnfzetnax.net/pro/uspremorse/

Before ending up at the fraudware site:
78.47.132.220/cr/adv/142/index.html


Comments are closed.

   
Note, the malvertizement was reported to “kraz”, who is apparently responsible for advertising on the letssingit.com web site, a couple of days ago via the “Advertise on letssingit” contact form.  The advertisement was immediately removed.
letssingit.com is hosting a malicious advertising featuring SWATCH as per this URL: includes.letssingit.com/ads/SWATCH300x250.swf
Adopstools check: http://www.adopstools.net/index.asp?section=quicklink&id=8973swVapP174q1A
The malvert hits […]

Previous Entry

ALERT:  Please treat any content from these domains with suspicion, and be very careful about any credit reference you receive that refers to: yourdirectmedia.com, atlantmedia, traffichunters, olympicmedia.net ads2revenue, adsrepublic, truemedian.com, readadsolutions.com, adsmanagement.com ALERT: Watch out for the impersonation of legitimate businesses in credit reference checks.  Details below. —– It is fascinating […]

Next Entry

Archives