Log in

No account? Create an account

Previous Entry | Next Entry

Woot! Score one for the good guys

Yesterday, I talked about how the Russian Zlob gang was abusing open redirectors on the Net to seed Google with links to malware. I'd made a list of such open redirectors over the past few days, and have been contacting the owners of the redirectors explaining the problem and how to fix it.

Last night, I found an open redirector on the usa.gov site, which was being used in Google links to spread malware. I fired off an email to the usa.gov Webmaster explaining the problem. This morning I got a very nice email reply saying they'd verified the problem and fixed it; the redirector now does referrer checking and refuses to redirect for non-local requests. Checked it out, and sure enough, it was fixed.

Woot! They had a patched script up within hours. Who says the government is always slow and inefficient?


( 8 comments — Leave a comment )
(Deleted comment)
Nov. 19th, 2008 04:00 pm (UTC)
I haven't! I've seen numerous copies of a Wal-Mart $200 survey phish, though, that sounds like it uses a very similar social engineering hook; it offers money or a Wal-Mart credit for filling out a survey online, then asks for the mark's credit card number so that the survey reward can be credited to the mark's account.
Nov. 19th, 2008 05:21 pm (UTC)
You rock, Franklin!!!


Nov. 19th, 2008 05:46 pm (UTC)
I wrote the UW system admin webmaster with a link to your post. No word yet.
Nov. 19th, 2008 09:12 pm (UTC)
Well, I'll argue that it's inefficient to wait for some guy in FL(?) to find the problem and provide a fix ;)

Seriously, I'd hope a form letter with a quick synopsis would get 99% of these fixed within a day.
Nov. 20th, 2008 12:19 am (UTC)
"Woot! They had a patched script up within hours. Who says the government is always slow and inefficient?"

Didn't you mention that it was faster to fix than the time it takes to explain what an open redirector is?
Nov. 20th, 2008 12:33 am (UTC)
Thank you for making the world wide web safer for those who don't know better. Thank you for making my job easier. :) Less malware = more time to do constructive work things.
Nov. 20th, 2008 05:37 pm (UTC)
You do very cool work here, and it's good to see at least some webmasters actually respect it and fix the problems promptly and politely :)
Nov. 20th, 2008 08:19 pm (UTC)
Seems to me that the German colsolate also has the redirector issue. A coworker was going on line to apply for a visa to travel there, and he had to call them about not being able to get to the page for 3 days. They gave him the appropreate link, but his computer (which I am working on right now) is totally screwed! Hellzlittlespy keylogger and a wonderful collection of other little brats that joined it. Not every day you get the windows login (the good ol 'hit Ctrl-Alt-Del to log in') ontop of a Windows Desktop! I'm thinking I'm not going to waste my time, back up the files and blow the drive out.
( 8 comments — Leave a comment )