Blog for hpHosts, and whatever else I feel like writing about ....

Saturday 6 August 2016

sevenforums.com: A lesson in screwing your users

Not content with the previous actions which at least used ads that weren't quite, it seems the owner of sevenforums.com has gone further down the "lets screw the users" path, in an effort to peddle crapware.

If you've been keeping up, you'll have seen the previous post I did on them, if not have wander, I'll wait;

https://hphosts.blogspot.co.uk/2013/07/alert-fake-google-chrome-and-yet-more.html

Now however, it appears the owner has thrown ethics and morals out of the window, users be damned. Now, if you happen on a thread that has certain keywords in the post, such as drivers, you'll see a link - but not a link the poster has put there themselves. No, this link goes to another domain owned by the same person that owns sevenforums.com (John Fairbrother, Designer Media Ltd) - win7.tips. This leads unsuspecting victims to reviversoft.com (paying more than SysTweak are they?).



And not surprisingly, it's the same story on his other sites;

hxxp://www.eightforums.com/drivers-hardware/10569-windows-8-alps-touchpad-driver.html



Only difference here, is it's not going via win7.tips, but via goo.gl, to;

hxxps://secure.reviversoft.com/576/cookie?affiliate=9809&redirectto=http://www.reviversoft.com/driver-reviver/lp/sf/wddc/index.php

And on;

hxxp://www.tenforums.com/drivers-hardware/5993-latest-realtek-hd-audio-driver-version.html



And;

hxxp://www.vistax64.com/sound-audio/64250-latest-realtek-hd-audio-driver-version-97.html



The disgusting parts here of course are;

1. These are not clearly marked as affiliate links/ads, but are disguised as regular links as if the posters themselves included them
2. They're leading to crapware
3. This is supposed to be a security forums, helping users clean up their machine - not have them get more crap on their machines!

By far the most disgusting however, and embarrassing for the rest of us, is the owner is supposed to be a Microsoft MVP!

Not surprisingly, these activities have landed his domains in hpHosts, with the MMT classification, and there they'll stay until this is stopped. Those of us that work in the security community are doing so to help users clean up and secure their machines etc. Those engaged in activities such as the above are doing entirely the opposite, for their own personal gain - users be damned, and this can not be tolerated.

2 comments:

BoaterDave said...

What a great post, Steven. :-)

I have no doubt at all that there are OTHER bad apples in the MVP barrel.

Have you ever explored here? http://dtsl.mvps.org/gallery.htm

Can you tell me, please, why I cannot find YOU when I search here? https://www.mvp.microsoft.com/

MysteryFCM said...

The profiles on mvp.microsoft.com got removed when they switched us over to Insider MVPs.

Hadn't seen the dtsl page before, no. For now, I'm listed on the unofficial MVP page at;

http://blogs.msmvps.com/insiders/mvp-listing