Home   Groups   Digests   Personalise   Search   Login
  POV-Ray : Newsgroups : povray.off-topic : Domain Poisoning? : Domain Poisoning? Server Time
28 Sep 2024 17:25:37 EDT (-0400)
  Domain Poisoning?  
From: Mike Raiford
Date: 22 Sep 2009 06:47:12
Message: <4ab8ab30$1@news.povray.org>
 
All,

I've run into this a couple times, now. Once on my work PC (Which is 
alarming, but then viruses have been known to run wild at times) and on 
my wife's notebook.

My PC is unaffected, so far.

What happens is this: You click on a website (in my wife's case, it was 
a result form a google search, in my case, a bookmark to Tor Olav's 
website) but instead of the site you were expecting you're redirected to 
some bogus virus scanner website, which then tells you you have hundreds 
of infected files and to download their "virus scanner", which is 
actually a trojan horse, that loads up your computer with all sorts of 
malware, then demands you pay for the program to clean your infected 
computer.

When this happened to me, I thought perhaps Tor's host closed down and a 
rogue took it over. But, I tried a different page on his site, and it 
was clean. I tried the original bookmark again ... normal. Weird.

It was the same with my wife's site. She was searching about neck pain, 
and followed a link to a legitmate website and got the same thing. It 
redirected her to a site of the URL "compuererthreats2.com" (note the 
spelling) which began the bogus scan.

My work computer appears clean, according to the eTrust scanner. Her 
computer appears clean according to Norton. I see no suspicious 
processes running on either computer, and all settings and relevant 
registry entries look fine. WTF is happening? Is there something out 
there poisoning DNS servers briefly, but randomly, causing this, or is 
there a new nasty out there that has hidden itself deeply within my 
wife's and my work computers?


Post a reply to this message

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.