Investigating malware, I was led to a URL at mediafire.com, a file sharing site similar to RapidShare, that is intent on shoving popups in your face.
What (didn't) surprise me however, was an advert claiming to be an IM chat (yes of course it is), loaded via;
http://ad.xtendmedia.com/rw?title=New%20offer%21&qs=iframe3%3FJyUgAJKsCwA7WEoAAAAAAOUyFAAAAAAAAgAAAAAAAAAAAP8AAAABFGGqDAAAAAAA7IQXAAAAAABUaBsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHAIAAAAAAAICAwAAAAAAAAAAAAAAAAAAAETEdQfxPwAAAAAAAAAAAAAcR8Rh%2ED8AAAAAAAAAAAAAaC%2EY6wJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUhB1RY6gmCHT9mTt993ypsMbxIcNzPpUtgdSEAAAAAA%3D%3D%2C%2Chttp%253A%252F%252Fwww%2Emediafire%2Ecom%252F%253F2nyneotbnwh%2CZ%253D0x0%2526y%253D28%2526s%253D765074%2526%5Fsalt%253D1263203474%2526B%253D10%2526r%253D1%2C42067dc2%2D5618%2D11df%2Da677%2D001d0963f677
This "advert", displayed what you see in the screenshot to the top left. Where did this lead you ask? Well as you've probably guessed by the title - it led me to myfuncards.com, a website owned by Mindspark/IAC, that peddles the likes of SmileyCentral, MyFunCards - collectively known as "Fun Web Products" (FYI: They're anything *but* "fun" for your computer or privacy).
Whilst not surprised to see this kind of advert loading that directs to them, it has to be asked why they've still not learnt that this kind of behaviour is just one of the reasons that many of us, both have them blocked for those using our services, and recommend people stay as far away from them as possible.
I've dropped an e-mail over to Kirk Lawrence at Mindspark, to see if we can get an explanation for this particular incident.
Sunday, 2 May 2010
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment