Computer Hope
Software => Computer viruses and spyware => Topic started by: Geek-9pm on March 30, 2009, 03:58:42 PM
-
WARNING New scam targets User Forums.. activationlink.co
A new user will ch eck in with something like this:
Hello, I dont know if I am writing in a proper board but I have got a problem with activation,
link is not working... http: // activationlink.co/,
DO NOT try the link. (I broke it on purpose.)
The user names changes, but the text is the same.
-
err- a scam gets money from the victim- this seems to be SPAM.
-
I'm not able to investigate the link right now but what is the exploit?
-
I saw that on in a advertisement it crashed my browser. DONT GO THERE!
-
Is that the right link?
hxxp://activationlink.com
Not finding it in any of the databases.
http://www.mywot.com/en/scorecard/www.activationlink.com
https://safeweb.norton.com/report/show?url=activationlink.com&x=12&y=11
http://www.siteadvisor.com/lookup/?q=activationlink.com
Appears clean. http://unmaskparasites.com/security-report/
-
Can't find out what it is because it somehow is very clever.
If will show up on forums using PHP. The would include this forum. I found it on a a site using SMF. The are dozens, maybe hundreds of sites getting this post. I think it is called a
Santy Worm
But I don't have enough knowledge to confirm this. It attacks PHP code
There is no such site.
-
I used Sandboxie and visited. It's just a generic search provider hosted on Godaddy servers. Didn't have time to look around too much but I never was able to find anything malicious.
www.sandboxie.com <- Great for investigating malicious sites.
I think it's just a spammer trying to generate traffic.
-
It's just a generic search provider
Thanks for checking it out. for some reason my ISP or browser blocks that site.
My limited research indicated that is was part of a PHP attack.
Because no harm was done, that does no prove lack of malicious intent.
The attack is very widespread and seeks out user forums.
-
Yea I saw it in my Google search. It's definitely not to be trusted!
-
I recently found this site: http://www.tkafeestekene.be/index.php?option=com_akobook&Itemid=29 (http://www.tkafeestekene.be/index.php?option=com_akobook&Itemid=29) The link will take you to their guestbook where you can see many of these messages spammed.
The website is for a German cafe but you can see all the messages in the guestbook.
The links are broken.
-
Great, so these people come here and post links in (a href=) with a bogus description. Is there a way to set up description tags like slashdot has?