Some of these shady "projects" were already blocked by us, and some weren't. I've handled the balance. Thanks for the report.
-- Lucas On Thu, Jun 28, 2012 at 4:12 PM, <zhangyo...@gmail.com> wrote: > After I opened some web page from Google, I found the search result page > navigated to Taobao Tmall.(eg: http://www.nngcl.com/a/cunchu/427.html) > The malicious code uses opener.location to navigate the search result page. > And then load invisible flash object into the opened web page to emulate > clicks to many other websites. > It seems that all affected websites are based on DedeCMS with > /include/dedeajax2.js > been injected some document.write code > using javascript and flash resource hosted on these Google Code Project > below: > > bijioc (already blocked) > > fl-hali (fl: flash) > > nv-apple (nv: navigate) > nv-banana > nv-coconut > nv-durian > nv-egg > nv-gboy (already blocked) > nv-grape > nv-icecream > nv-juice > > http://code.google.com/p/cmssource might be the workspace of the code > author. > > References: > > http://stackoverflow.com/questions/10039772/here-is-a-new-type-of-ad-javascript-by-change-window-opener-location-how-can > http://osdir.com/ml/HostingatGoogleCode/2012-02/msg00135.html > > https://groups.google.com/forum/#!msg/google-code-hosting/yLC5L25ZJnc/r8QjAIYBGM4J > http://bbs.dedecms.com/simple/?t479880.html (Chinese) > http://www.wooyun.org/bugs/wooyun-2010-01319 (Chinese) > > -- > You received this message because you are subscribed to the Google Groups > "Project Hosting on Google Code" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/google-code-hosting/-/5k5_0WL5-fsJ. > To post to this group, send email to google-code-hosting@googlegroups.com. > To unsubscribe from this group, send email to > google-code-hosting+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/google-code-hosting?hl=en. > -- You received this message because you are subscribed to the Google Groups "Project Hosting on Google Code" group. To post to this group, send email to google-code-hosting@googlegroups.com. To unsubscribe from this group, send email to google-code-hosting+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-code-hosting?hl=en.
