|
2007-04-18, 01:31 PM | #1 |
If there is nobody out there, that's a lot of real estate going to waste!
Join Date: Dec 2003
Posts: 2,177
|
Bunch of new thiefware testing 4 U
A guy at the zoo is running a bunch of sponsor tests on an infected machine.
http://www.gfy.com/showthread.php?t=722960 attn: Hoes.com This post show something happening on your site http://www.gfy.com/showpost.php?p=12236585&postcount=39 |
2007-04-18, 05:25 PM | #2 |
Certified Nice Person
|
Does a Zango pop-up at a site mean that that particular domain is somehow sponsoring that pop? Or does it mean that the scumware is targetting that domain for some other reason?
__________________
Click here to purchase a bridge I'm selling. |
2007-04-18, 06:41 PM | #3 |
If there is nobody out there, that's a lot of real estate going to waste!
Join Date: Dec 2003
Posts: 2,177
|
Maybe both, or maybe they are popping because of a sponsor link on the page.
Apparently Hoes isn't the only LL/TGP that it is happening on. Until sponsors put in place backend checks for this shit, canning individual affiliates using it isn't going to accomplish much. I believe there is a way for sponsors to get on an excluded list also, so perps can't send traffic to their sites, or use their trademarks/domains. Remember these low lifes can even steal your typein/SERP traffic, thus causing you to payout to them, what should have been 100% profit signups. |
2007-04-18, 08:33 PM | #4 |
Oh no, I'm sweating like Roger Ebert
|
Anyone willing to pay the price can purchase keywords from them. So I could target my keywords for any domain and basicly redirect the traffic from them.
|
2007-04-18, 09:34 PM | #5 |
Certified Nice Person
|
So basically, scumbags are purchasing popular free porn site names, like Hoes, Tommy's, etc, in order to steal their traffic through Zango infected browsers. And the surfers getting the pop-ups are going to naturally assume that it is Marc and/or Tommy producing those pops, since they appear at their sites. Fucking wonderful. Any one of us could be falling victim to this type of keyword theft and we wouldn't even know it.
__________________
Click here to purchase a bridge I'm selling. |
2007-04-18, 10:35 PM | #6 | |
Oh no, I'm sweating like Roger Ebert
|
Quote:
Or worse they actually buy into the "voluntary install" crap and actually believe that this is a service to them and not a huge disservice. |
|
2007-04-19, 07:50 AM | #7 | |
Banned
Join Date: Aug 2003
Location: Mohawk, New York
Posts: 19,477
|
Quote:
Just as an example, adwaresucks is getting about 180k unique visitors/month. And it doesn't seem to be dropping. |
|
2007-04-19, 08:35 AM | #8 |
Don't get discouraged; it's usually the last key that opens the lock...
|
Sexsearch.com.. seems to be a big supporter of Zango traffic.
"Contact us let's make a deal... We'll sell you your stolen traffic back at a discount!" Good shit... Am I correct on this thinking or am I way off base here? I am sometimes wrong.... |
2007-04-19, 08:37 AM | #9 |
Certified Nice Person
|
I don't mean free sites as in the kind we submit to link lists. I meant BIG free porn link sites like Tommy's, Hoes, and the LOR. That zoo thread reported Zango pops on Hoes and Tommy's, which I assume means that some scumbag has purchased those domains as keywords.
__________________
Click here to purchase a bridge I'm selling. |
2007-04-19, 08:42 AM | #10 |
Banned
Join Date: Aug 2003
Location: Mohawk, New York
Posts: 19,477
|
That's what I mean too Useless. If you look at the pop ups, they are for different programs. If you were running the same programs, they would pop up on your sites too.
When I tested adwaresucks, I used link-o-rama with my machine infected to see how it worked. It wasn't a link-o-rama keyword that caused it...it was a sponsors program. |
2007-04-19, 08:43 AM | #11 | |
Don't get discouraged; it's usually the last key that opens the lock...
|
Quote:
|
|
2007-04-19, 08:47 AM | #12 |
Banned
Join Date: Aug 2003
Location: Mohawk, New York
Posts: 19,477
|
I think if someone does buy a keyword for a specific site, it would only work for a very short time. With Greenie using the htaccess file, zango users get redirected to adwaresucks. So, any link-o-rama keyword is worthless.
|
2007-04-19, 08:57 AM | #13 |
Banned
Join Date: Aug 2003
Location: Mohawk, New York
Posts: 19,477
|
I just read the thread again and I think they are just using tommys and hoes for testing. I am surprised that they aren't using some sort of htaccess file to take care of that.
|
2007-04-19, 09:01 AM | #14 |
Banned
Join Date: Aug 2003
Location: Mohawk, New York
Posts: 19,477
|
Oh yeah, if anyone is worried about their site being targeted, they can create an htaccess file here
http://adwaresucks.com/webmasters/ And since nobody makes a dime from adwaresucks, you can change the target site to anyplace you like. Or even create your own zango page on our server using css. |
2007-04-19, 09:19 AM | #15 | |
Don't get discouraged; it's usually the last key that opens the lock...
|
Quote:
Not that my site has been targeted or is big enough to become a target, but I have used your htaccess fix and now I won't worry. |
|
2007-05-03, 12:34 AM | #16 | |
If you really need money, you can sell your kidney or even your car
Join Date: Mar 2005
Posts: 373
|
Here are some more about people using this stuff:
http://www.gofuckyourself.com/showthread.php?t=728914 Note this: http://www.sophos.com/security/analyses/trojzlobpe.html Quote:
|
|
2007-05-03, 12:46 AM | #17 |
If you really need money, you can sell your kidney or even your car
Join Date: Mar 2005
Posts: 373
|
Looking into these counter measures in Dealing with Zango (via .htaccess), can't they simply cloak the user agent to avoid this in future versions?
It is a good idea what you are doing and it is great that it works for now, but I don't think this defense will hold for long. If I can think up this simple way to get around it, I'm sure the team of programmers they undoubtedly have could too. |
2007-05-03, 06:47 PM | #18 |
If there is nobody out there, that's a lot of real estate going to waste!
Join Date: Dec 2003
Posts: 2,177
|
Hey Jim:
Did you catch this site mentioned by Adam from Wild Cash? http://stopbadware.org/ You might want to hook him up with http://adwaresucks.com/ |
2007-05-03, 07:39 PM | #19 |
Banned
Join Date: Apr 2007
Location: Hell
Posts: 817
|
How come these fuckwits are allowed to get away with it?
I've noticed flashcash sites using AFF in an exit console, seems unusual to me so is that part of all this? |
|
|