Visar inlägg med etikett abuse. Visa alla inlägg
Visar inlägg med etikett abuse. Visa alla inlägg

tisdag 19 februari 2013

Abusing tumblr to spread malware

A friend kindly shared this link with me http://gta5updates.tumblr.com/,
then after that we go to http://tumblr.comlu.com/...

and pie, there is a java applet


Pretty fun to see that tumblr can be abused like that, i have never seen it before...
How ever for reporting a tumblr a mail is fine (that nice)
http://tumblring.net/how-to-report-people-on-tumblr-for-abuse/
Upplagd av kl. Inga kommentarer:
Etiketter: , ,

fredag 14 december 2012

Adf.ly abused to spread malware

Adf.ly is a little bit like bit.ly not, the different is that you get paid for every click and the visitor have to wait 5 seconds before clicking skip ads. How ever it's quite popular among less talent cyber criminals to abuse it.
Providing warez on Youtube, in description the download link can be masked from being a quite suspicious url to a short and more legit looking url. The only lame thing is that they don't usally provide a direct link after no instead they have to have some shit survey before there i just lose interested.

Enought off that
there you have screen off response off one account i have reported.
Makes me happy :)

Upplagd av kl. Inga kommentarer:
Etiketter: , , ,

tisdag 11 december 2012

Abusing free domain and web hosting to sell drugs [Updated]

For a few days i visited Flashback,
How ever i forgot to print screen the forum post.
And the webpage it self it a little big to be print screened but i added one off the picture to post :).


In Sweden drug's are illegal, but buying them is quite easy. A lot off web based  shops does exist and have been around for long time.

The shop i found used http://www.nick.tk to get a free .tk domain, .tk are also being abused for malware.
Tho not by the big player mostly by noob and poor malware user.

The domain thy have/had where http://spicekungen.tk/,  how ever they did not use DNS  redirct instead just a iframe. Self explaining src="http://kryddor.n.nu" after that it appear that they used n.nu to host the content it self.

 <frame frameborder=0 src="http://kryddor.n.nu" name="dot_tk_frame_content" scrolling="auto" noresize>

 And it turn out to be true, view-source:http://www.kryddor.n.nu/
Finally i send one mail to abuse@nick.tk and another to abuse@n.nu.
Will update once i receive a answer hope fully it's the end off that store.

 According to n.nu they have closed the "site",
and a print screen off website can you view here

Upplagd av kl. Inga kommentarer:
Etiketter: , , , , , ,
Prenumerera på: Inlägg (Atom)