Blog for hpHosts, and whatever else I feel like writing about ....

Friday, 20 January 2012

Formspring continued - this time it's as the MITM

Well, seems they're not keeping on top of it that well, still a few from this morning still active;

These are redirecting to, which then redirects to various locations. Most phishing, and one or two SMS fraud/malware.[Will]Resident%20Evil%20Archives%20Resident%20Evil%20[2009,%20Action%20/%20RPG]&size= uses a .jar that calls out to, and then via, downloads a .3gp file via the following;

References update

Alert: abuse Second verse, same as the first abuse continuing

Alert: abuse surge

Real International Business Corp = NatCoWeb (AS46636)


Kim Taver said...

Do you think it may be one of the many easy seo programs out there?

MysteryFCM said...

Due to the sites involved, it's highly unlikely.