-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, May 12, 2010 at 6:03 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah <[email protected]> wrote:
> Sorry, but some of the sites listed here seem likely to contain malware. > I'm not sure that there is any point in trying to obfuscate it. > > Apparently someone known as Kenny Strasser, or K-Strass, has been going > around to television stations purporting to demonstrate yo-yo tricks (for > a charity), and then turns out to be a talentless klutz. YouTube members > find this screamingly funny: > > http://www.youtube.com/results?search_query=k-strass+&aq=f > > It has now been picked up by Mashable, so will probably have a wider > audience: > > http://mashable.com/2010/05/12/yo-yo-champ/ > > (At least one link on that page is potentially dangerous.) > > The thing is, various sites associated with this "project" (whatever it > is) seem to be rather unusual. Some of these may be the usual crop of > malware sites relying on SEO, but at least one rather strange site is > spelled out in one of the videos: > > zipzapllc.com > > A Twitter account warns against some "fake" sites, and Mashable seems to > be directing people to one of those. (The Twitter account says their own > site is zimzaminc.com ) > > zimzamyoyo.com > > zimzamyoyos.com > > Stumbled across this by accident, and so far have only been able to > determine that there is a lot of JavaScript and redirecting going on. > I don't see anything immediately malicious, but did find this comment over on YoYoSkills.com: http://www.yoyoskills.com/?p=4065#comments Lots of JavaScript, sure, but again, nothing jumps out at me as overtly malicious. Probably someone trying to capitalize on the popularity of the original YoYo stuff. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFL606Kq1pz9mNUZTMRAtSLAKD8sBbKJUHV1y23CknV+luOs73bwACfQ+rM CpX9/QoVw/HDuO8yGMFbzcI= =IwTC -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
