- http://games.free.tripod.com/arabsex.com.html
- Posted by sexy girl on March 16th, 2008
http://games.free.tripod.com/arabsex.com.html
- Posted by David H. Lipman on March 16th, 2008
From: "sexy girl" <Bnt.Omhaa@gmail.com>
| hxxp://games.free.tripod.com/arabxx.com.html
This site uses a malicious Javascript to cause a driveby download from another site.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
- Posted by hummingbird on March 16th, 2008
On Sun, 16 Mar 2008 12:43:19 GMT 'David H. Lipman'
wrote this on alt.comp.freeware:
Thanks for that warning David. It sounds like the same type of crap
that I got caught by last year when I loaded the old pricelessware
website advertised in Susan Bugher's regular sigline. She still has
not explained why she continues to advertise that old website.
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
- Posted by David H. Lipman on March 16th, 2008
From: "hummingbird" <hummingbird@127.0.0.1>
|
| Thanks for that warning David. It sounds like the same type of crap
| that I got caught by last year when I loaded the old pricelessware
| website advertised in Susan Bugher's regular sigline. She still has
| not explained why she continues to advertise that old website.
|
You have to realize that a legitimate site can be hacked and thus redirect you to a malware
site.
This is all *too common* !
This site is deliberately malicious and stems from Saudia Arabia.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
- Posted by hummingbird on March 16th, 2008
On Sun, 16 Mar 2008 14:55:46 GMT 'David H. Lipman'
wrote this on alt.comp.freeware:
You're absolutely right. IIRC the redirection I suffered was to a
malware website hosted in Hong Kong which then proceeded to d/l
a trojan onto my system. That took some cleaning up...
I assume the hacking was actually done to the website on the hosting
company's server. I sent an e-mail alert to them but got no reply,
possibly they wanted to play the whole thing down.
Quotes from the Koran maybe? ;-)
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
- Posted by Franklin on March 17th, 2008
On Sun 16 Mar 2008 16:39:19, hummingbird <hummingbird@127.0.0.1> wrote:
Hummingbird. you were so proud that you have no anti-virus software
running on your machine. But you had a back-level browser and had
failed to update its security patches.
Pride comes before a fall.
You were a fool. And ended up paying the price.
ISTR no one else posted to say they were affected.
- Posted by David H. Lipman on March 17th, 2008
From: "BoB" <me@box.invalid>
|
| Dumped by tripod.
|
| BoB
What do you mean "Dumped by tripod".
I just downloaded 'arabsex.com.html'.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
- Posted by David H. Lipman on March 18th, 2008
From: "BoB" <me@box.invalid>
| On Mon, 17 Mar 2008 00:40:23 GMT, "David H. Lipman"
| <DLipman~nospam~@Verizon.Net> wrote:
|
| I can't get there.
|
| I see this msg from the complete url, with x's changed to t's:
| hxxp://games.free.tripod.com/arabxx.com.html
|
| Sorry, but the page or the file that you're looking for is not here.
| Try the search box below to find more information about your topic.
|
| Using arabxx.com.html, I see:
|
| Firefox can't find the server at arabxx.com.html.
|
| We are likely using different browsers and/or security settings.
|
| BoB
|
That's because I altered the URL to protect you.
Unfortunately, the real site is still live and bearing the malicious script.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
- Posted by David H. Lipman on March 18th, 2008
From: "sexy girl" <Bnt.Omhaa@gmail.com>
The Tripod site has been taken down!
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
- Posted by David H. Lipman on March 19th, 2008
From: "BoB" <me@box.invalid>
| Apparently. Its had this msg for a couple days now:
|
| The page you are attempting to access has been removed because it
| violated Tripod's Terms of Service. Please check out Tripod's Help
| system for more information.
|
| BoB
Compare the above URL with my altered URL. They aren't the same.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
- Posted by Joosy on March 19th, 2008
"BoB" <me@box.invalid> wrote in message
news:95u2u3duberos6daccqo8stfbecngpi0sk@4ax.com...
Take note all malware writers. Forget the "free beer" link. All you need to
do is write "Caution malicious web site" and Bob starts worrying he can't
access it <vbg>.
- Posted by David H. Lipman on March 20th, 2008
From: "BoB" <me@box.invalid>
|
| I've said several times I changed to 2 x's to 2 t's and Tripod says
| the site was illegal and has been closed down. It was confirmed by
| another viewer.
|
| I like to test my system occasionally but can do nothing with this
| merry-go-round we're on. I'm getting no where. Let's move on.
|
| BoB
|
YW for identifying the malicious script, for submitting the malware in the drive by download
and for getting the site shutdown. :-)
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
