Clicky
Last visit was: Fri Jul 04, 2014 10:15 pm
It is currently Fri Jul 04, 2014 10:15 pm

Broken or Nonexistent Links


All times are UTC - 5 hours [ DST ]


 [ 80 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6
Author Message
 PostPosted: Tue Apr 19, 2011 7:00 pm   
You are kiillllling-a my bizinisss!
User avatar

Joined: Tue Jun 27, 2006 2:01 am
Posts: 9227
AVG coughs up an Alert when trying to load that page -
Exploit Blackhole Exploit Kit error 2004

I even get the alert when loading these forum pages!

[EDIT: I snipped out the coding in my previous posting, because it was triggering an AV Alert in AVG's resident link checking]


Top
 Profile WWW  
 PostPosted: Wed Apr 20, 2011 9:52 am   
Site Admin
User avatar

Joined: Tue May 09, 2006 9:18 am
Posts: 5022
Crazy!

Okay thanks, Red, for sending me the resulting code you found there. This idiot really jumped the gun.

For security reasons I will not paste any code here, since I don't want Google or anyone else to flag InBoxRevenge as being potentially malicious.

He obfuscates a huge amount of text using a div which is hidden to contain raw text, then a huge series of obfuscated JavaScript functions which again ultimately strive to "eval" the resulting processed text.

If you try to view the output, the first thing the JavaScript outputs is a block of HTML:

Code:
<center><h1>404 Not Found</h1></center><hr>

Then a huger block of more straightforward JavaScript which attempts the following:

  • Java exploit
  • Browser plugin detection (Shockwave, MSXml, Flash, Shell helpers, Windows Media Player)
  • Two more Java exploits
  • Adobe Acrobat exploits (2)

Each of these are all known by various malware detection systems. As noted my entire office cannot even see that site, and it turns out the reason I couldn't see any JavaScript in their page source was because this was a further protection of the ESET anti-malware system. (Well done.)

I'm sure he snagged a few PC's with this but it's debatable wither it would be that many given that most of these are covered by at least a year's worth of patches and upgrades.

SiL


Top
 Profile  
 PostPosted: Wed Jan 23, 2013 1:48 pm   
Spammer Obliterator
User avatar

Joined: Fri Jun 15, 2007 7:05 pm
Posts: 2261
The joe-jobbers are getting sloppy -- let's hope it means they are getting desperate, too. I have received a few like this one:

Quote:
Subject: Smoking blends and mixes

We offer best quality smoking blends and smoking mixes.
From complete relaxation to the inexhaustible energy.

And that's it. Of course in this case I happen to know the URL they forgot is http://aromavip.net/ ... :roll:

_________________
Arf, she said


Top
 Profile  
 PostPosted: Thu Jan 24, 2013 4:40 pm   
Site Admin
User avatar

Joined: Tue May 09, 2006 9:18 am
Posts: 5022
Worse than that, all the links on that site point to pages that don't exist.

A rrrreally pro operation obviously. :)

SiL


Top
 Profile  
 PostPosted: Thu Jan 24, 2013 6:18 pm   
Spammer Obliterator
User avatar

Joined: Fri Jun 15, 2007 7:05 pm
Posts: 2261
spamislame wrote:
Worse than that, all the links on that site point to pages that don't exist.

A rrrreally pro operation obviously. :)

Dammit!

As I said, that was a joe-job mail. I knew the URL they missed because I also got dozens of identical ones which did include the URL. But now the joe-jobbers obviously have once again got what they wanted:

Quote:
Информация для посетителей сайта:
Данный сайт временно не работает.
Информация для владельцев сайта:
Пожалуйста, свяжитесь со службой технической поддержки support@mchost.ru
С уважением, хостинг Макхост

"Information for visitors:
This site is temporarily unavailable.
Information for owners:
Please contact technical support support@mchost.ru
Sincerely, Makhost hosting"

Well, I sent them some feedback.

This is a new plague... :(

_________________
Arf, she said


Top
 Profile  
 [ 80 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: Exabot [Bot], Wayback machine and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  


Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Style originally created by Volize © 2003 • Redesigned SkyLine by MartectX © 2008