General discussion
Not sure how to do a rating for this
Sun Aug 24 01:34:41 2008 – SalilaI clicked a link in google returns:
http://rollyo.com/Selene-Luna962
Although it had a green dot next to it in the google returns, as soon as I clicked it, I was immediately bombarded with attempts to install software, which, thanks to Firefox, I was able to escape.
The "root" url, if that is the correct term, http://rollyo.com does not do that.
Obviously, the link I clicked should not have a green dot, but the root url does not do the bad stuff.
So could someone tell me the correct way to proceed? How can I warn others about the link I clicked without saying something inaccurate about rollyo.com by itself?
(If this question has been asked and answered somewhere, please forgive my ignorance and point me to the right place. I did look)
- Anmelden oder Registrieren um Kommentare zu schreiben
Malware
Sun Aug 24 02:43:25 2008 – MysteryFCMUnfortunately, you can't rate individual folders, only actual domains. In this case, it would be prudent to report the URL to rollyo. From their contact page;
teamrollyo |at| gmail |dot| com
The actual malware itself, is coming from;
sc24.name/g.js
Ref:
http://vurl.mysteryfcm.co.uk/?url=http://sc24.name/g.js
When g.js is loaded and decoded, it then proceeds to load;
stat.newadultvidz.net/in.cgi
Ref:
http://vurl.mysteryfcm.co.uk/?url=http://stat.newadultvidz.net/in.cgi?5&seoref=http://sc24.name/g.js¶meter=$keyword&se=http://sc24.name/g.js&ur=1&HTTP_REFERER=http://sc24.name/g.js&default_keyword=none
This tries foisting a known rogue (Antivirus 2008) on unsuspecting users.
rollyo.com has been hacked
Sun Aug 24 03:22:49 2008 – logicmanHackers have placed a redirect in the root folder of rollyo.com.
It redirects to security-scan-pc.com - where a rogue antivirus program
attempts to install itself and infest the computer with a trojan.
Do NOT go to either of these sites. I checked this using a sandbox
and other security measures. Going to these sites will put your
computer at risk of infection.
If you have already visited either of these sites, run an anti-virus check NOW.
[edit]
While I was checking this, MysteryFCM has posted a reply.
I have no doubt it is more accurate than mine.
It's not .....
Sun Aug 24 04:15:27 2008 – MysteryFCM.... been hacked ;o)
The folder is a user created folder - not the work of hackers.
But why...?
Wed Aug 27 05:00:54 2008 – phantazmIs it hacked or not? And could you explain why you think so..?
At least I think its obvious that something doesn't match:
On http://rollyo.com I read this: "Rollyo offers the ability to search the content of a list of specified websites, allowing you to narrow down the results to pages from websites that you already know and trust."
But here http://rollyo.com/Selene-Luna962 I read this: "A few moments of silence pass as they let their breathing and pulses subside. He couldn't resist kissing her firm tits and giving each nipple a little suck. s head was filled with daydreams and sexual fantasies. First Selene Luna must remove the old ones she barks. I guessed he was no virgin when I found a load of condoms in a jacket I was washing for him. Then Selene Luna legs were soaped up and once again, the task was started on my feet, working up towards my crotch...."
Doesn't seem to be the same site...
By the way: After reading Salilas comment "as soon as I clicked it, I was immediately bombarded with attempts to install software", I thought I'd like to take a look without clicking anything, not even entering the site. So I rembembered that I had InterClues preview installed, and used that to look ahead on my behalf. Maybe this could be a good idea in general...?
hacked or not?
Wed Aug 27 08:37:08 2008 – logicmanOn going to the root, there was no problem.
Putting in the path caused a redirect which landed up on another site -
security-scan-pc.com
AVG8 immediately reported a trojan, so I killed the sand-box.
I have been seeing a lot of innocent hacked sites lately, mostly
advertised in spam. There are a lot of rogue AV variants which
all exhibit much the same behaviour - showing a 'system scan'
whilst putting one or more trojans on the computer.
Thanks! I sent a msg to rollyo
Sat Sep 27 21:30:50 2008 – SalilaThanks to all the people who checked it out using Magic and Arcane Powers and explaining it all, even though I cannot claim to comprehend the fullness of nerdish nuances, I do understand that that page does indeed have a Bad Thing (TM).
I wish I could say I was relieved to know it was not just me being overly cautious, but I hate to think of all the people who don't have WOT or anything to protect them and are even more clueless than me. (yes, such a thing is possible. Stop smirking).
And I know lots of people will be googling Selene and going to that page because she is on a very popular TV show that is kind of new.