… or maybe a lawsuit by the makers of “iSnack Cyber Chips” or the “iSnack Energy Bar”. Yes, Kraft really did choose to name their new Vegemite “iSnack 2.0”. The name was “invented” (and I use that term very loosely) by Dean Robbins, a 27 year old West Australian and graphic and web designer. […]
Regular readers will recognize the domains t.banner09092.com and blackwater-cuprumworks.net – they were the domains used to attempt infection of computers via various security exploits: http://msmvps.com/blogs/spywaresucks/archive/2009/09/12/1722754.aspx Luckily, the domain blackwater-cuprumworks.net is not responding at the moment. extrabanner.com ICANN Registrar: Godaddy.com, Inc Created 30 July 2009 NS47.DOMAINCONTROL.COM NS48.DOMAINCONTROL.COM IP: 68.178.232.100 – Arizona, Scottsdale, Godaddy.com, Inc (shares […]
“SOS issued for original ABBA jumpsuit VICTORIA Police have issued an SOS to help find a white jumpsuit originally worn by ABBA songstress Agnetha Faltskog. The jumpsuit, which Agnetha is pictured wearing on the cover of the Swedish pop group’s fourth album, Arrival, is believed to have been taken from a Melbourne house and […]
It has been all over the popular press – the New York Times web site had been tricked into accepting a malvertizement that was hijacking some visitors to that site and dumping them at a web site touting fake security software. And, in a move that is kind of unusual, the New York Times web […]
It has been implicated in the facilitation of malvertizing that attempts to infect computers via PDF exploit The way it works is as follows: ad.trendbanner.com uses document.write to load the JS content at banner.pushbanner769.info banner.pushbanner769.info displays an advertisement, but also loads content from content from t.banner08092.com. t.banner08092.com simply redirects to blackwater-cuprumworks.net blackwater-cuprumworks.net includes a […]
I have received information that kennedales.com has been implicated in a malvertizing incident. I noted in my last blog post that kennedales.com shares IP address with two other domains that have already been caught facilitating malvertizing but at that time had not received intelligence indicating that kennedales.com was also involved. Now we know that it […]
Seen distributing malvertizing at starnewsonline.com: http://forums.starnewsonline.com/eve/forums/a/tpc/f/6431032365/m/7121097019/r/9841029019 And collegehumor.com: http://www.facebook.co.za/CollegeHumor And tigerdroppings.com: http://www.tigerdroppings.com/rant/messagetopic.asp?p=14780012&pg=1 And basilmarket.com (page doesn’t load, but you can find it in Google cache): http://www.basilmarket.com/forum/1184277/2 newadsresults.com ICANN Registrar: BIZCN.COM, INC. Created 21 July 2009 NS1.EVERYDNS.NET NS2.EVERYDNS.NET IP: 212.117.166.69 (Luxembourg, Root Esolutions) Shares IP with two other domains, kennedales.com and waveadvert.com Registrant: RJ Rita […]
I have a few more domains for you… mediadison.com ICANN Registrar: BIZCN.COM, INC Created 6 July 2009 IP: 212.117.166.77, Luxembourg, Root Esolutions Sharing IP with the following domains, all of which should be treated with extreme caution: 2ez4clicks.com, denrifiox.com, monsteradhost.com, newage-advertising.com, profitgainerz.com, ranparetc.com, s7atwola.com, scheuvronts.com, smartadvertisment.net, westernadrix.com Registrant: Solaris Co Jack Thompson (jthompson@yahoo.com) […]
Ouch. I haven’t seen a mess this bad since IE7 first came out in beta… (yes, IE8’s Compatibility View fixes the display issues).
It is very interesting to watch the modus operandi that the bad guys are using change. This malvertizement was NOT seen on a web page; rather it was being displayed by an advertising supported freeware application. The trouble starts when an ad.yieldmanager.com GET retrieves content, in an iframe, from the domain "gogomediacenter.com". The content served […]