This blog is dedicated to revealing and destroy all forms of Malware; SPAM, VIRUS, Adware, Spyware.
|
Copyright 2005 Randy Charles Morin
Part of the KBCafe blog network
|
|
Copyright 2005 Randy Charles Morin
Part of the KBCafe blog network
|
PR: ASC today unveiled its final, consensus definition of spyware, which was developed by coalition members including major anti-spyware companies, software developers and public interest groups.
http://www.antispywarecoalition.org/documents/definitions.htm
I report a tremendous amount of clickfraud and splogs to Google in various manners (email and clicking on Ads by Google, filling out the form). In early September, I noticed that Google was terminating Blogspot and AdSense accounts that I was reporting. This has stopped. Obvious clickfraud and splog accounts are no longer being terminated by Google. Splogging accounts I reported more than a month ago remain active (both AdSense and Blogspot). Accounts where the blogger actively encouraged clickfraud remain active (AdSense). This is very disturbing. I've backed Google in the past, because I did see some accounts being terminated, but of late, that has stopped being true. Don't be evil? Google's failure to address splogs is verging on evil.
Unless things change in the next week, I will begin publishing the splogs that I've uncovered, reported to Google and remain active.
Update: An an employee of Google has contacted and I sent him the relevant communications (the list of splogs). I hope there's action.
Wired: Blogger recently added a word-verification system, Captcha, to the blog-creation process.
Randy: It's amazing how misinformation can spread. Wired reporter Nicole Lee has followed Mark Cuban's lead in claiming that Blogger just recently implemented word-verification during the blog-creation process. Fact is, they added it six months ago. A new problem with the fight against splogs is the amount of misinformation being spread by bloggers and the media.
Last week, I reported a tale about possible DHS keylogging. The tale is revealed at snopes.com as a complete hoax.
Claim: Account claims Dell is selling computers with keyboard loggers installed at the behest of the Department of Homeland Security.
Status: False.
Although furtive eavesdropping on computer activity is certainly possible, the specific tale presented [cut] is nothing more than an example of "government conspiracy" type hoaxlore.
Niall Kennedy: Google provides a full suite of services for the entry-level blog spammer. There are plenty of legitimate uses for all of these Google services, but Google's market-leading position in search creates a spam ecosystem that inflates corporate revenues, index size, and user data. Google's blog hosting service, Blog*Spot, received a lot of attention this week as blogosphere neighbors threw up their arms in protest of the host, which is like the seedy motel at the edge of town that rents by the-hour.
Randy: Niall does a good job of enumerating the services Google provides that are being repurposed by sploggers.
TechWeb: Hackers and scammers have suddenly turned to a new technique to hide malicious JavaScript on compromised or criminal sites, a security researcher said Thursday. According to Dan Hubbard, the senior director of security and research at Websense, a family of obfuscation routines with the umbrella name of "JS/Wonka" has spread wildly in the last few weeks.
Matt Cutts: You see a low-quality site that is running AdSense. If you run across a site that you consider spammy and it has AdSense on it, click on the “Ads by Goooooogle” link and click “Send Google your thoughts on the ads you just saw”. Enter the words spamreport and jagger1 in the comments field.
http://www.mattcutts.com/blog/update-jagger-contacting-google/
Randy: OK, I've seen this suggested several times now. I think I'm gonna start following this procedure and tracking the results.
SEOBlog: As the average commission earned by sites running AdSense generated advertising is approximately $20/month, webmasters working this type of scheme need to create hundreds, if not thousands of pages to make a living. In order to create those pages and attract ad-clicking visitors, content must be created, begged, borrowed, or most commonly, simply stolen. Known as Splogs , these sites only exist to game Google in one way or another, mostly for money but also for increased search rankings or as a means of manipulating search spiders.
http://news.stepforth.com/blog/2005/10/splogs-scraping-adsense-fraud.php
Contentious: Hello, Google? I know you like it when people use Adsense, but this really is a problem and you should do something about it.
Robert Stockton: To help the rest of the 'sphere feel more comfortable with your less-than-popular neighbors, I'd like to introduce you to some of the other colorful players on the block and their wily splogging ways.
http://blog.blogpulse.com/archives/000424.html
Randy: A great article profiling various splogger archetypes.
Splogspot has added a recently submitted splogs page and has RSS support. Now you can read all the splog from the safety of your RSS reader and no longer have to subject yourself to blogosphere search engines to get your splog fix. You can submit splog here.
AP: MySpace hired Greco to write a computer program that would send its users instant message ads for adult and mortgage refinancing Web sites. [cut] After sending the spam e-mails, Greco contacted MySpace and requested permanent employment to guard against more spam and to get exclusive rights to send commercial e-mail through the site. When his request was ignored, prosecutors said, Greco threatened to tell others how to spam MySpace users.
Randy: The plea says that MySpace hired Greco originally to SPAM its own users.
 |
I came across this captcha today. Any ideas what I should type? |
SplogSpot is a lot like Weblogs.com, but for reporting new splogs. Users can submit blogs as SPAM. Developers can use their API to determine if a blog is SPAM.
Mark Cuban: We shut out adding new blogspot posts to our index until we clean all the bullshit you dumped on us out of our indexes. We will turn them on once we update our filters to resolve this fine mess you got us into , which hopefully will be tomorrow
http://www.blogmaverick.com/entry/1234000717063627/
Randy: When Mark says we, he means IceRocket.
Just wanted to let you know I brought up your post internally. We'll be doing something about it shortly. Sorry for the trouble it caused you and thanks for bringing it up!
Chris Pirillo does a screencast where he enumerates the domains that are hosting splogs that showed up as 403 new PubSub search results.
AP: A man described as one of the nation's leading senders of spam says an FBI raid on his home office has halted his e-mail operation. [cut] Ralsky, 60, has said that he has 150 million or more e-mail addresses, and he has been a target of anti-spam efforts for years. Verizon Communications Inc. sued him in 2001, saying he shut down its networks with millions of e-mail solicitations.
http://news.yahoo.com/s/ap/20051017/ap_on_hi_te/spam_king_2
Randy: Here's the problem, even though we've known him to be a SPAMmer, it took us 4 years to act on that knowledge.
A new Website to fight splog. FightSplog.com. They have a blog. Subscribed.
Chris Pirillo: In the past few days, I've been inundated with an enormous amount of subscribed search spam for designated keywords. 99% of the crap coming in is directly from a single domain: blogspot.com.
http://chris.pirillo.com/blog/_archives/2005/10/16/1302867.html
Randy: Confirmed! I get much of the same. At one point, it looked like Google was shutting down the Blogspot SPAM and even shutting down Adsense on splogs. This seems to have stopped. I don't think Google needs to shutdown Blogspot.com, but surely they need to devise a strategy to stop the splogs.
FinancialTimes: Microsoft, the world's largest software company, yesterday agreed to help the Nigerian government fight internet crime, such as online fraud, spam emails and viruses.
http://news.ft.com/cms/s/02c8d140-3d19-11da-83c8-00000e2511c8.html
InformationWeek: The Office of the Massachusetts Attorney General is looking for Leo Kuveyev, the leader of the "Internet Spam Gang," whose illegal spam operation was fined $37 million by a Boston judge this week.
http://www.informationweek.com/story/showArticle.jhtml?articleID=172301006
Top Tech News: 26.4 percent of the world's spam emanated from the United States. [cut] South Korea was 19.7 percent of the world's spam. [cut] China was pegged at 15.7 percent. [cut] France (3.4 percent), Brazil(2.6), Canada (2.5), Taiwan (2.2), Spain (2. 2), Japan (2.0), Britain (1.5), Pakistan (1.4) and Germany (1.2) rounded out the "dirty dozen."
Sophos: The United States and Canada have significantly reduced their role in the problem.
http://www.toptechnews.com/story.xhtml?story_id=0310035BMDVS
Hal Turner: Computer manufacturers appear to be cooperating with the Department of Homeland Security to make every person who buys a new computer subject to immediate, unrestricted government recording of everything they do on those computers! EVERYTHING! This information can be sent to DHS, online, without your knowledge or consent, without a search warrant or even probable cause! That's why this device is hard-wired directly into the ethernet card, which communicates over the internet!
http://www.halturnershow.com/KeystrokeLoggersInAllNewComputers.html
Randy: Would love a confirmation! Anybody else see something like this? No, I'm not opening my laptop to check. I'm not a hardware person.
Here's an email I've been getting quite often these last few days.
Hello kbcafe.com,
I've visited your website http://www.[Name] today, and really like it.
John Leyden: Claims that user authentication schemes will reduce spam are not just wrong but "wrongheaded", a security researcher warned on Friday.
Randy: I don't buy this. Read the article and you'll note it lacks any real substance. The argument seems to be "it's not just breakable but trivial to break" and therefor it's bad.
The Register: Dutch police have arrested three people for building a worldwide zombie network of more than 100,000 PCs used to launch internet attacks on companies and to hack into bank and Paypal accounts.
http://www.theregister.co.uk/2005/10/07/dutch_police_smash_zombie_network/
Chet: Well I am going to save millions of dollars of research for yahoo. Want to stop a bunch of spam, yahoo? Stop hosting spammers.
Mark Rasch: On July 21, 2005 a federal grand jury in the Southern District of California indicted 25 year old Carlos Enrique Perez-Melara for writing, advertising and selling a computer program called "Loverspy," a key logging program designed to allow users to capture keystrokes of any computer onto which it is installed.
BetaNews: California Governor Arnold Schwarzenegger signed into law on Friday a bill that makes "phishing," or identity theft, scams a civil offense.
Randy: Another lame attempt at legislation. This law give users the right to sue for a half million after-the-fact. Guess what? Phishers aren't running operations out-of California. They're in Russia and China and not likely to show up to trials in California.
| Top Articles | |
|---|---|
