Blog for hpHosts, and whatever else I feel like writing about ....

Saturday 27 August 2016

Fixed: sURL.co.uk

Just an FYI folks, the issue with surl.co.uk producing an HTTP 500 has now been fixed. Sorry for the delay.

Saturday 6 August 2016

sevenforums.com: A lesson in screwing your users

Not content with the previous actions which at least used ads that weren't quite, it seems the owner of sevenforums.com has gone further down the "lets screw the users" path, in an effort to peddle crapware.

If you've been keeping up, you'll have seen the previous post I did on them, if not have wander, I'll wait;

https://hphosts.blogspot.co.uk/2013/07/alert-fake-google-chrome-and-yet-more.html

Now however, it appears the owner has thrown ethics and morals out of the window, users be damned. Now, if you happen on a thread that has certain keywords in the post, such as drivers, you'll see a link - but not a link the poster has put there themselves. No, this link goes to another domain owned by the same person that owns sevenforums.com (John Fairbrother, Designer Media Ltd) - win7.tips. This leads unsuspecting victims to reviversoft.com (paying more than SysTweak are they?).



And not surprisingly, it's the same story on his other sites;

hxxp://www.eightforums.com/drivers-hardware/10569-windows-8-alps-touchpad-driver.html



Only difference here, is it's not going via win7.tips, but via goo.gl, to;

hxxps://secure.reviversoft.com/576/cookie?affiliate=9809&redirectto=http://www.reviversoft.com/driver-reviver/lp/sf/wddc/index.php

And on;

hxxp://www.tenforums.com/drivers-hardware/5993-latest-realtek-hd-audio-driver-version.html



And;

hxxp://www.vistax64.com/sound-audio/64250-latest-realtek-hd-audio-driver-version-97.html



The disgusting parts here of course are;

1. These are not clearly marked as affiliate links/ads, but are disguised as regular links as if the posters themselves included them
2. They're leading to crapware
3. This is supposed to be a security forums, helping users clean up their machine - not have them get more crap on their machines!

By far the most disgusting however, and embarrassing for the rest of us, is the owner is supposed to be a Microsoft MVP!

Not surprisingly, these activities have landed his domains in hpHosts, with the MMT classification, and there they'll stay until this is stopped. Those of us that work in the security community are doing so to help users clean up and secure their machines etc. Those engaged in activities such as the above are doing entirely the opposite, for their own personal gain - users be damned, and this can not be tolerated.

hpHosts: Updated Saturday August 6th 2016

The hpHOSTS Hosts file has been updated. There is now a total of 422,975 listed hostsnames.

If you are NOT using the installer, please read the included Readme.txt file for installation instructions. Enjoy! :)
  1. Latest Updated: 06/08/2016
  2. Last Verified: 06/08/2016
Download hpHosts now!
http://hosts-file.net/?s=Download

Enjoy!