Tag Archives: Spam

Open Redirect at Ask.com

Spammers have found an open redirect in the ask.com website. These redirects are often used to mask their URL’s from RBL’s and services like Spamcop.

Redirect:
http://wzeu.ask.com/r?t=lyc&u=http://www.microsoft.com/

I have put Microsoft in as an example here anyone can put any URL in at he end to use this redirect. I have filed a support ticket with Ask about this.

A redirect that they were using at Go.com is still open a month later even after I sent them notice of it. (Lazy)

Yahoo! Search, Spam Abuse

Got some spam today using Yahoo! search URLs, this is nothing but an attempt to mask the domains (wallmast.com) from detection as spam:

http://search.yahoo.com/search?y=Search&p=wallmast.com&fr=sfp&ei=UTF-8
http://search.yahoo.com/search?y=Search&p=walleap.com&fr=sfp&ei=UTF-8
http://search.yahoo.com/search?y=Search&p=bumpcare.com&fr=sfp&ei=UTF-8
http://search.yahoo.com/search?y=Search&p=waittrip.com&fr=sfp&ei=UTF-8

Remember don’t ever go to spam websites they can contain exploits against your browser that can allow virus and such to be installed on your system without your permission.

Update 02/02/2009
Addded a new domain – walleap.com

Update 05/02/2009
Added new domains – bumpcare.com, waittrip.com

The Dirty Dozen

Sophos has revealed a lovely list of the top 12 countries when it comes to sending spam. While some of the entrants are no surprise the top placed United States is believed to be at this position because of the emergence of over 300 strains of the mass-spammed Stratio worm.

“Most unsolicited emails are now sent from zombie PCs – computers infected with Trojans, worms and viruses that turn them into spam-spewing bots. In the past hackers were very reliant on operating system vulnerabilities to convert an innocent computer into a zombie – now they are turning back to malware to trick users into running their malicious code, and opening the backdoor to hackers,” said Carole Theriault, senior security consultant at Sophos. “Hundreds of new versions of the Stratio worm have helped steadily increase the volume of spam seen travelling across the net.”

Sophos reveals “Dirty Dozen” spam producing countries