GoFuckYourself.com - Adult Webmaster Forum - View Single Post

49thParallel · 04-21-2003, 06:57 PM

More interesting information on this Standard Internet exploit:

SPYWARE INFO FORUM http://www.spywareinfo.com/forums/in...4922&hl=fassia

TECHIE RESOURCE SITE
http://www.doxdesk.com/parasite/AutoSearch.html

Of additional interest is a reference in the second URL placed above. which states that some consumers and businesses that have been hit by this attack are redirected as follows:
"Any address bar search you do is sent to a single page, possibly at www.tunders.com"

A search of WHOIS quickly reveals that tunders.com is, as have been all of the other links discussed above, a STANDARD INTERNET owned and operated domain.

Also of interest is the part which states, Distribution - Unknown As Yet....

The information I have gathered thus far will be shared in very short order, and the same requests to forward complaints to the FTC will repeated, in hopes that the techies on the Spyware board will be even more convincing and eloquent in their determination of the source of this system exploit.

And 12-Clicks, at one point, if you would have said that this was all the work of an "evil affiliate", perhaps I would have been convinced. (Although I would have hunted them down as well). But, as discussed previously, the JS/Exploit comes directly from my test affiliate ALLClicks link.

04-21-2003, 06:57 PM
49thParallel So Fucking Banned Join Date: Jul 2002 Posts: 1,197	More interesting information on this Standard Internet exploit: SPYWARE INFO FORUM http://www.spywareinfo.com/forums/in...4922&hl=fassia TECHIE RESOURCE SITE http://www.doxdesk.com/parasite/AutoSearch.html Of additional interest is a reference in the second URL placed above. which states that some consumers and businesses that have been hit by this attack are redirected as follows: "Any address bar search you do is sent to a single page, possibly at www.tunders.com" A search of WHOIS quickly reveals that tunders.com is, as have been all of the other links discussed above, a STANDARD INTERNET owned and operated domain. Also of interest is the part which states, Distribution - Unknown As Yet.... The information I have gathered thus far will be shared in very short order, and the same requests to forward complaints to the FTC will repeated, in hopes that the techies on the Spyware board will be even more convincing and eloquent in their determination of the source of this system exploit. And 12-Clicks, at one point, if you would have said that this was all the work of an "evil affiliate", perhaps I would have been convinced. (Although I would have hunted them down as well). But, as discussed previously, the JS/Exploit comes directly from my test affiliate ALLClicks link.