Tag Archive: Eastern

Website Referral Spam and Cyber Security Malware

Fear Uncertainty Doubt

Remove Referrals Information from This Website because of Malware

Like many blogs, this website has displayed the last few hits (referrals) that it’s received as a kind of ‘live’ activity recorder and a small service back to the referring website.  However, I’ve had to pull this from my front page because over the last few days, hundreds of malware-laden websites have seemingly been broadcasting pings to everyone else….

Anyone unlucky enough to click on these back-links to the ‘referrer’, is then presented with some fake anti-malware scan that’s almost impossible to get away from without resorting to Task Manager.

Analysis and Appearance

The referring link is usually from a sub-domain of an apparently ‘normal’ website (whatever ‘normal’ means, but I hope you know!).  Here’s an example that points to malware:

http://srpvxdd.franklinrealtyvacationrentals.com/page.php?n=overcome-compulsive-overeating

franklinrealtyvacationrentals.com is a normal-looking estate agent’s site in Florida.

This next one points to a blank page, has a similar php ?page= construct, but lacks a sub-domain:

http://sweetepeach.com/page.php?uuu=cube-memory-dane-elec

sweetepeach.com is a website under construction at ixWebHosting, my old host that I left because it was so slow.

And this one is another malware-laden website:

http://kwdkafg.pbparts.com/page.php?b=zalman-zm-wb4-plus

pbparts.com appears to be a computer parts on-line store in Arizona.

And here are two web addresses from the same domain!:

http://rlzkiio.tummy2tummy.com/page.php?n=tiered-tulle-dress

http://ziqklvc.tummy2tummy.com/page.php?d=official-ffa-dress

tummy2tummy.com appears to be a mother and baby website.
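A referrer filter built on the pattern visible in the five URLs above, as an added example (not code from this site): it flags a `page.php` request carrying a single short parameter with a hyphenated keyword slug, and a letters-only leading sub-domain with a long vowel-free run. Both heuristics, their thresholds and the names `score_referrer` and `displayable` are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# The five referrers quoted in the post, plus three constructed benign ones.
SAMPLE_REFERRERS = [
    "http://srpvxdd.franklinrealtyvacationrentals.com/page.php?n=overcome-compulsive-overeating",
    "http://sweetepeach.com/page.php?uuu=cube-memory-dane-elec",
    "http://kwdkafg.pbparts.com/page.php?b=zalman-zm-wb4-plus",
    "http://rlzkiio.tummy2tummy.com/page.php?n=tiered-tulle-dress",
    "http://ziqklvc.tummy2tummy.com/page.php?d=official-ffa-dress",
    "http://www.example.org/blog/2009/referrer-spam",      # constructed
    "http://forums.example.net/viewtopic.php?t=1234",      # constructed
    "http://example.com/page.php?id=12",                   # constructed
]

SLUG_RE = re.compile(r"[a-z0-9]+(?:-[a-z0-9]+)+")   # hyphenated keyword slug
CONSONANT_RUN_RE = re.compile(r"[^aeiou]{4,}")      # 4+ letters with no vowel


def score_referrer(url):
    """Return the heuristics (assumed, not from the post) that a referrer trips."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return ["not-a-web-url"]
    reasons = []
    # Heuristic 1: /page.php with one short-named parameter carrying a keyword slug.
    params = parse_qsl(parts.query, keep_blank_values=True)
    if parts.path.lower() == "/page.php" and len(params) == 1:
        key, value = params[0]
        if len(key) <= 3 and SLUG_RE.fullmatch(value.lower()):
            reasons.append("doorway-page")
    # Heuristic 2: an extra leading host label that is letters only and unpronounceable.
    # Naive: assumes a two-label registered domain (no public-suffix lookup).
    labels = parts.hostname.lower().split(".")
    if len(labels) > 2 and labels[0] != "www":
        sub = labels[0]
        if re.fullmatch(r"[a-z]{6,8}", sub) and CONSONANT_RUN_RE.search(sub):
            reasons.append("random-subdomain")
    return reasons


def displayable(referrers):
    """Referrers that trip no heuristic and may be listed in a public 'recent hits' widget."""
    return [r for r in referrers if not score_referrer(r)]


if __name__ == "__main__":
    for ref in SAMPLE_REFERRERS:
        print(score_referrer(ref) or "ok", ref)
```

A filter like this only decides what gets displayed; anything it lets through should still be rendered as plain text rather than as a clickable link if the aim is to avoid pointing visitors at unknown sites.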

Examples

Cyber Security Warning1

Cyber Security Warning2

Cyber Security Warning3

Here are examples of the typical warning messages after hitting a duff link or two…  These are taken from Firefox 3 & IE8, all fully patched and up-to-date etc.

  • The website sometimes redirects, sometimes not, to the malware-coded location.
  • The message/dialog boxes have a variety of wording and button suggestions
  • Some websites are completely un-closable by normal means and the Task Manager is the only way to get out of a loop
  • There are a variety of files to download from the various websites.  The one in the video below is called “Inst_174s1.exe” – which I’ve seen 3 times now.  I’ve also seen another called “setup_build8_239.exe” which has a standard Windows setup icon inside it to ensure its apparent legitimacy!

Standard Anti-Virus Failure

The video shows the fake scan and the various failed attempts at closure I made.  The current IP address of the user (myself) shows to add an air of realism to it, although this is easily shown on any webpage.

Fortunately, in this video, IE8, even though the browser privacy and window size & positioning were mucked around by the malware-site, was finally closable with the normal close button at the top right.  On other sites, the only way to get out of the loop in both IE8 and Firefox was to use Task Manager to crash the process down.  This worked, fortunately.

I downloaded the files purposely on some occasions for analysis….

ESET’s NOD32 (my AV program) failed to detect both these files as bad!  I uploaded both for analysis to ESET and one has since been found to contain a trojan, a variant of Win32/Kryptik.AWY trojan!  This trojan has been in the signature database since 21/10/2009 when NOD32 was the only AntiVirus program to detect it!  So things aren’t that bad.  Presumably, if I’d run the programs NOD32 would’ve kicked in, but I haven’t tried that yet.  The setup file was only first detected as malware yesterday, and then only by a few vendors.  The analysis of its actions is particularly revealing as along with a shed-load of new registry keys, it also modifies the ‘hosts’ file!

NOD32 wasn’t alone in this scanning detection failure.  I tried the online scanners of Trend, McAfee and AVG on the two files and they all failed to detect anything!  Time constraints meant I didn’t try Kaspersky, Symantec et al, but I’m fairly certain that the same results would’ve happened.

Conclusion

Everything is not as it seems!  Be very careful what you click on!

Send any suspicious file to VirusTotal.com as it has quite a crack at finding out the truth about files from its methodology of using most of the Anti-virus vendors.

As for my website here, the recent referrer back-links are now gone as they made me look like a pointer to bad sites, and I’m not.  Whether it’s possible for this sub-domain behaviour to be blocked, probably depends on the website owners, as it’s not the browser’s fault.

What I have noticed, is:

  • A lot of these malware sites are hosted at my old crap host, ixWebhosting.com  (If I recall, a setting exists to block sub-domain creation)
  • A lot of host sites are in Arizona, Florida and Utah
  • A lot of malware sites can be traced back to China & eastern European states.

Make of that what you will.  If I spot any more ‘tendencies’ or ‘co-incidences’, I’ll add them to the list.

Taliban Torture America

Afghan Soldier Captured: Pfc. Bowe R. Bergdahl, 23, of Ketchum, Idaho

Pfc. Bowe R. Bergdahl, aged 23, of Ketchum, Idaho, is a member of the 1st Battalion, 501st Parachute Infantry Regiment, 4th Brigade Combat Team, 25th Infantry Division, from Fort Richardson, Alaska.  He was captured in circumstances that aren’t clear and has appeared in a Taliban video (prev at http://www.latimes.com/news/nationworld/world/la-fg-afghan-soldier20-2009jul20,0,4913063.story), seen world-wide.

So far, it appears he’s been well treated, although three soldiers captured in Iraq by the same mob were all killed, so this must obviously prey on people’s minds.

Torture

(see my rampant post, Americans Love to Torture – Official.  If you’re offended by it, you’re not listening.)

What I’d like to know, given that in a recent poll, over 50% of Americans think torture is okay, is he one of the 50%?  Are his parents?  Is his battalion commander?  Is US Military spokesman, Capt Jon Stock?  Is Navy Lt. Robert Carr, a spokesman for U.S. forces in Afghanistan?

Capt Stock said this, while condemning the use of the video.   He told Reuters news agency:

“The use of the soldier for propaganda purposes we view as against international law.”

Lt Carr said:

“The Taliban are using the soldier for propaganda purposes”

Illegal Imprisonment and Adherence to International Law

Now some facts.

  • The USA continues to imprison people in Guantanamo Bay without trial or due process.
  • The site in Cuba was obtained illegally and is operated illegally even under the ‘rules’, agreed under duress, of its illegal occupation.
  • The USA (& UK) has recently tortured people in strict denial of the rules of the Geneva Convention, their own laws and/or constitutions, and the UN Declaration of Human Rights.

Sad Chickens Roosting

Grim Reaper

So while people wring their hands over a very short list of very likely fates for Pte Bergdahl, it’s only karmic retribution for their historical and continuing acts.  They must change, as Obama was wont to say in his electoral campaign.

I say;

  • They cannot continue to act in this way, killing people with scythe-like impunity using robotic planes in some bizarre kids computer shoot-up.
  • They cannot continue to act towards people in flagrant disregard of their own constitution and laws.
  • They cannot even think that torture, of any kind, is okay.  Not just “don’t do it” – No!  They must not even think it.

Because what happens is that it’s all thrown back, tenfold.

Justice

New York´s Liberty Island - Statue Of Liberty & Seagull

A Beacon

Like Justice, being “seen to be done”, US actions, at home and abroad must be above reproach.

They must be a beacon – a pure demonstration of good civil behaviour, in words, thoughts and deeds.  The beacon light, though, is very dim.

Eagle Peak

Something like this was said by Shakyamuni – the Buddha of legend.  In Chapter 16 of “The Lotus Sutra”, a compendium of his later sayings, he said, in qualifying what it takes to be a Buddha (which anyone can be, let it be known):

When living beings become truly faithful, honest and upright, gentle in intent, single-mindedly desiring to see the Buddha, not hesitating even if it costs them their own lives, then I and the assembly of monks appear together at Eagle Peak.

Eagle Peak represents a place of happiness for all sentient beings.  It means that if you behave like that, happiness will undoubtedly appear – you will be a Buddha.

If you don’t, then shit happens.

The USA & UK are most definitely NOT “honest and upright, gentle in intent”, and the shit is happening.

Of course, the Taliban and all misogynist, small-minded folk like that are the absolute pits.  And yes, shit is happening for them as well! It’s not all hunky-dory by a long chalk.

The point is, that we (meaning the USA & UK) do not have to act like them.  The surest way to prove the justness of your cause is to behave properly.  In short,

  1. Don’t bomb haphazardly killing all in sight with a lame excuse.
  2. Don’t torture
  3. Don’t disregard your own laws and international laws of behaviour

Pfc. Bowe R. Bergdahl might then have a chance.


Technical Xenophobic BBC Air Crash Reports

Introduction

You may not have noticed the co-incidence yesterday, but an Iranian aircraft crashed and the US Space Shuttle took off.  The co-incidence was in the strange reporting that envelops such events.

Iranian Crash

Fly home, AF447

This, as air crashes go, was pretty ordinary – something went wrong, it crashed, everyone died.  You’d expect some reasoned discussion, bearing in mind that one of the most modern and newest planes in the sky plummeted into the South Atlantic little over a month ago.

This is what the BBC said about it near the end of the piece:

The plane was built in Russia in 1987.

It was the third deadly crash of a Tupolev Tu-154 in Iran since 2002.

The BBC’s Jon Leyne says Iran’s civil and military air fleets are made up of elderly aircraft, in poor condition due to their age and lack of maintenance.

Since the Islamic revolution of 1979, trade embargoes by Western nations have forced Iran to buy mainly Russian-built planes to supplement an existing fleet of Boeings and other American and European models.

West v East technology

This is all well and good, but the deadly tone with an emphasis on old and/or Russian aircraft makes a bad taste in the mouth, does it not?…  Why?

A.  Because there’s very little technical difference between the Russian and Western aircraft.

Challenger

Indeed, on the very day that the Shuttle takes off, I’m reminded of the technical superiority of Russian astronautics and space exploration.  While not putting a man on the moon,  they pragmatically put a robot there instead, paving the way for the robots we now have placed on Mars & Venus, etc.

They have a long and distinguished history of space “firsts”…  But the ultimate irony is that the much vaunted Space Shuttle has had very public catastrophic failures in the past and is soon to be retired.  And until the US gets a new launch vehicle, for the next 4-6 years they will be relying on the Russians to put men in space!

Actual Crashes

So much for balance!  The BBC article then continues in a box-out,

IRANIAN PLANE CRASHES

Feb 2006: Tupolev crashes in Tehran, kills 29 people – E
Dec 2005: C-130 military transport plane crashes near Tehran, kills 110 – W
Feb 2003: Iranian military transport plane crashes in south of country, kills all 276 on board – E
Dec 2002: Antonov 140 commuter plane crashes in central Iran, kills all 46 people on board – E
Feb 2002: Tupolev crashes in west Iran, kills all 199 on board – E

Looks bad doesn’t it?

A Russian airliner that crashed near a city in the Urals, killing all 88 people on board, caught fire in mid-air, reports say. The Boeing-737-500, belonging to a branch of the national airline Aeroflot, was on a flight from Moscow to Perm, near the Ural mountains. One witness said the blaze lit up the whole sky

Compare and contrast this to this little list of large plane crashes (from the BBC article, but as a link), and count the relative abundance of Eastern versus Western manufactured planes…..

2009

15 July: A Caspian Airlines Tupolev plane crashes in the north of Iran en route to Armenia. All 168 passengers and crew are reported dead. – E

30 June: A Yemeni passenger plane, an Airbus 310, crashes in the Indian Ocean near the Comoros archipelago. Only one of the 153 people on board survives. – W

1 June: An Air France Airbus 330 travelling from Rio de Janeiro to Paris crashes into the Atlantic with 228 people on board. Search teams later recover some 50 bodies in the ocean. – W

20 May: An Indonesian army C-130 Hercules transport plane crashes into a village on eastern Java, killing at least 97 people. – W

6 April: An Indonesian army Fokker-27 crashes on landing near Bandung, West Java, killing 24 people. – W

25 February: A flight from Istanbul to Amsterdam crashes short of the runway at Schiphol international airport. Of the 135 people on board, nine are killed and at least 50 injured. – W

Forty-nine people were killed when a flight from Newark to Buffalo crashed in Clarence Center, a suburb of Buffalo, in New York state. One person was also killed on the ground.

12 February: A passenger plane crashes into a house in Buffalo, New York, killing all 49 people on board and one person on the ground. – W

8 February: A passenger plane crashes into a river in the Brazilian state of Amazonas, killing 24 people, most of whom were from the same family. – W

2008

14 September: A Boeing-737 crashes on landing near the central Russian city of Perm, killing all 88 passengers and crew members on board. – W

24 August: A passenger plane crashes shortly after take-off from Kyrgyzstan’s capital, Bishkek, killing 68 people.- W

20 August: A Spanair plane veers off the runway on take-off at Madrid’s Barajas airport, killing 154 people and injuring 18.- W

Wreckage of the Spanair MD82, 21 August 2008 [Pic: EFE]

Three days of mourning was declared after the Madrid air disaster

2 May: South Sudan’s defence minister is among 22 people killed after engine trouble causes a plane carrying a military delegation to crash about 400km (250 miles) west of Juba. -N/A

15 April: Some 40 people die when a DC-9 skids off the runway while attempting to take off in the eastern Democratic Republic of Congo city of Goma during heavy rain, smashing through a wall and into a busy residential area.- W

24 January: Nineteen people die when a Polish Casa C-295M military transport plane crashes in the country’s north-west, carrying officials who had attended an air safety conference.- W

Conclusion

For 2008 to 2009, I make the totals, as reported by the BBC, 1 unknown, 12 (W)estern manufacture, 1 (E)astern manufacture.

Now do you see the technological xenophobia that I’m talking about?


Man With Black Hat and the Iranian Bombing

Man with Black Hat Blames Everyone Else!

Investigation into Scottish Witchcraft

Ahmad Khatami, a member of the Assembly of Experts in Iran who has a black hat, has said that the fingertips of the West are definitely on the ghastly bombing in the south-east Iranian city of Zahedan on Thursday.  So it’s all my fault then…?

Three Hang in Edam Zahedan

Interestingly, within two days of the blast, three previously arrested blokes were publicly hanged.  They were members of (yet another) Muslim group called Jundallah, the Soldiers of God.  They were executed for the crime of being Mohareb, which means Enemies of God, I’m told.

Surely even the dimmest of intelligences cannot miss the irony in this dichotomy?

I think, within that small statement lies the problem.  Until the two phrases are removed from the language and people’s minds, the Muslim peoples will continue to blow each other up into eternity.  How many more Mosques and Zahedans will that be?

The fact that there may be fifth columnists and agent provocateurs involved as Khatami claims is irrelevant.

The evil already exists in their minds and it’s this and their attitudes which must change.  It’s been like this for 1400 years!   It’s not a new thing!   This is neatly summarised by Daisaku Ikeda when he says:

It is the function of evil to divide; to alienate people from each other and divide one country from another. The universe, this world and our own lives, are the stage for a ceaseless struggle between hatred and compassion, the destructive and constructive aspects of life. In the end, the evil over which we must triumph is the impulse toward hatred and destruction that resides in us all.

In a related quote from the 13th century, Nichiren, the great Japanese monk, says:

“There are not two lands, pure or impure in themselves. The difference lies solely in the good or evil of our minds.” – On Attaining Buddhahood in This Lifetime – WND1, page 4

Much of Islam is now exactly where Scotland was 500 years ago in politics and religion.  Women were feared and any that weren’t subservient enough or found to be “too clever” were named as witches in summary trials dressed up with God and the Devil, and killed.  Thousands of them…   Men, fearful of a loss of status and the strange power of “the womb man”, would do anything to maintain it. (Those with most to lose will do anything to keep what they have.)  English society still has many vestiges of this chauvinism.

In Iran, the three men were executed following overwhelming evidence (he said) with the same evidence pointing to Western involvement.  Ahmad Khatami said so, and yet mysteriously, none was offered in his highly public news conference or has been offered since.  Like the Bush & Blair ‘weapons of mass destruction’ lie, no evidence exists.

Of that we can be sure.

So the story continues, more people will die and the rabble-rousing man with a black hat still has power.


© 2007-2013 Strangely Perfect All Rights Reserved