Baby Astronaut Posted December 23, 2009 Posted December 23, 2009 I followed a link to newscientist.com and got redirected to spam, don't know how exactly. Could a banner ad do that by itself? Just want someone to check the link, that can do it safely (in other words please make sure you're a computer expert ). Here's the path I took and the redirects according to my viewing history (on Firefox). I had gone to the Wikipedia link below and clicked on the footnote #11 link... http://en.wikipedia.org/wiki/Schrodinger%27s_cat 11. Chown, Marcus (2007-11-22). "Has observing the universe hastened its end?". New Scientist. Retrieved 2007-11-25. It began taking me to newscientist.com but (according to my history view) instead redirected me 2 or 3 times... http://www.newscientist.com/article/mg19626313.800-has-observing-the-universe-hastened-its-end.html Has observing the universe hastened its end? - physics math - 22 November 2007 - New Scientist http://www.newscientist.com/channel/fundamentals/mg19626313.800-has-observing-the-universe-hastened-its-end.html mg19626313.800-has-observing-the-universe-hastened-its-end.html http://bestscan11.com/1/?sess=%3DWQ51jDwMS01MSZpcD0yMDguNTguMTE0LjI5JnRpbWU9MTI2NjMwOA0MaQ%3DO Computer Security http://1uktimes.cn/go.php?id=2006-51&key=0522c7066&d=1 go.php At the end I had a pop up about my computer not being secure or whatever nonsense. I'd just like to make sure it wasn't a fluke and -- just as importantly -- isn't harmful. Plus if not a fluke I'll remove the offending link from Wikipedia.
StringJunky Posted December 24, 2009 Posted December 24, 2009 The uktimes.cn link is a redirect to the bestscan site which apparently has a fake antivirus for download. These sites are flagged as very dodgy. I tried the links but just get a 'server not found error' by firefox. Your anti malware must have that site listed in its database hence it notified you. It would be a good idea to edit those links or notify Wikipedia.
Baby Astronaut Posted December 24, 2009 Author Posted December 24, 2009 The uktimes.cn link is a redirect to the bestscan site which apparently has a fake antivirus for download. These sites are flagged as very dodgy. Who in particular has flagged those sites? Your anti malware must have that site listed in its database hence it notified you. It was a false notification by the site itself (at the time I didn't have anti-malware installed). So had I clicked "OK" it would've probably done something naughty. So I'd just like for someone with advanced protection/expertise to double check the Wikipedia link itself before I'd change it.
StringJunky Posted December 24, 2009 Posted December 24, 2009 Who in particular has flagged those sites? It was a false notification by the site itself (at the time I didn't have anti-malware installed). So had I clicked "OK" it would've probably done something naughty. So I'd just like for someone with advanced protection/expertise to double check the Wikipedia link itself before I'd change it. There's a few malware watch sites that list it as dangerous here's two listing that I've extracted: 193.169.235.6 donlaci.cn/download/install.php?uid=13400 193.169.235.5 goscanmoth.com/?uid=13400 88.198.160.57 bestscan11.com/download.php?id=2004 91.212.226.186 1uktimes.cn/go.php?id=2004&key=fff0057594&d=1 122.115.63.5 totalcaresix.net/redirect2/ 193.104.153.245 hometimesecurity.com/downloader.php?affid=92800 95.143.192.52 trustedmicrosoftscan2.com/download/pack_283s1.exe http://www.yourpcblog.com/2009/12/dangerous-domain-list-122009/ 2009/12/20_12:02 bestscan11.com/download.php?id=2004 88.198.160.57 static.88-198-160-57.clients.your-server.de. fake av - 24940 http://www.malwaredomainlist.com/mdl.php?search=bestscan11.com&inactive=on I didn't know if it was your installed software that informed you,you did not say.......obviously it was a scareware notification by the malware maker. You would be led to a payment page for a fake Anti Virus according to one site. I'll leave someone else to chime in now. 1
Baby Astronaut Posted December 25, 2009 Author Posted December 25, 2009 Seems a few others had the redirect problem too. http://www.google.com/#hl=en&q=newscientist+1uktimes Who knows if newscientist.com is even aware of the problem, as I didn't find any reports by them online.
Baby Astronaut Posted January 16, 2010 Author Posted January 16, 2010 Update. I had a few email conversations with newscientist, they knew of the problem and fixed it. So according to them, the malicious software wouldn't have been downloaded unless a customer duped by the fraud opted to download it. I wanted to to know the name of the malicious program, and run a check for it specifically, just in case. But they didn't know, finding it very difficult to gather any information on that problem. Did a Malwarebytes check, then Ad-Aware. Both updated, neither found anything. Hopefully everything's clear, even though when it happened I just shut all the windows down instead of clicking "no".
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now