I’d better get right on it.
I wonder why the Internal Revenue Service site is at builtfree.org.
Victim of MySQL Injection.
In the morning of February 10th, 2012 I received a frantic phone call from a client; their site was compromised. So I spent good portions of Friday and Saturday cleaning up a site that was hacked through MySQL injection. I found out that the hack came through an old installation of WordPress 2.1.4.
So far, so good. I’ll be watching the site for any suspicious activities.
Path updates iOS App, address book upload is now opt-in.
The headline: Path Uploads Your Entire iPhone Address Book to Its Servers
Path‘s response: We are sorry
We made a mistake. Over the last couple of days users brought to light an issue concerning how we handle your personal information on Path, specifically the transmission and storage of your phone contacts.
…….
In Path 2.0.6, released to the App Store today, you are prompted to opt in or out of sharing your phone’s contacts with our servers in order to find your friends and family on Path. If you accept and later decide you would like to revoke this access, please send an email to service@path.com and we will promptly see to it that your contact information is removed.
Path iOS App version 2.0.6 now warns users before uploading the content of Address Book.
That’s a proper response from Path.
Goodbye Path, for now.
The headline: Path Uploads Your Entire iPhone Address Book to Its Servers
The reactions: Delete Path from iPhone (iOS device)
Email service@path.com and request to delete your Address Book data from Path servers.
Hi (First Name of Path User),
Thanks for getting in touch with us! I have erased your contacts and their information from our servers.
On behalf of the team, I’d like to apologize for any privacy concerns that you may have had. Our current release of Path for Android requests permission to access your address book. In the next iOS release, we will have this same permission request added.
Until the update is released for iOS, selecting “Add Friends” will display the names of contacts that you have stored on your phone. But now that you’ve opted out of contact uploading, we will never re-store this data on our servers.
Please let me know if there is anything else I can do to help you. I’m more than happy to address any further questions or concerns that you may have.
Best,
(First Name of Path Service Personnel)
That’s simple enough.
Can you trust CNET even less? Apparently you can.
It is shit like this, CNET!
No I do not want you to install blekko toolbar.
No I do not want blekko as my default search provider.
Scam Alert: samplerewardsonline.com
UPDATE:
samplerewardsonline.com has the IP 38.101.10.141 which belongs to Cogent.
Please contact: abuse@cogentco.com
——-
First, there is no such thing as iPhone 5 at this point in time. Apple is not looking for iPhone 5 testers and never did so in the past with their product.
This investigation was prompted by a spam SMS from +1 (646) 709-7845 that says:
Apple is looking for iPhone 5 testers! The first 1000 users that go to http://mobile-testers.com and enter code 0214 will get to test & keep a new iPhone 5
The site mobile-testers.com is a portal to samplerewardsonline.com. The domain name was registered on February 1st, 2012 through eNom, Inc. and hosted by HostGator. The domain registration is also protected by WhoisGuard based on whois query.
You can enter any 4-character-code into the field and continue and it will redirect to samplerewardsonline.com.
Whois information on samplerewardsonline.com:
Lions-share:~ suspicious-bagel$ whois samplerewardsonline.com
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.Domain Name: SAMPLEREWARDSONLINE.COM
Registrar: DYNAMIC DOLPHIN, INC.
Whois Server: whois.dynamicdolphin.com
Referral URL: http://www.dynamicdolphin.com
Name Server: NS1.SAMPLEREWARDSONLINE.COM
Name Server: NS2.SAMPLEREWARDSONLINE.COM
Status: clientTransferProhibited
Updated Date: 21-sep-2011
Creation Date: 21-sep-2011
Expiration Date: 21-sep-2012>>> Last update of whois database: Tue, 07 Feb 2012 02:14:38 UTC <<<
NOTICE: The expiration date displayed in this record is the date the
registrar’s sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant’s agreement with the sponsoring
registrar. Users may consult the sponsoring registrar’s Whois database to
view the registrar’s reported date of expiration for this registration.TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services’ (“VeriSign”) Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Registration Service Provided By: DYNAMIC DOLPHIN, INC
Contact: +1.7208723477Domain Name: SAMPLEREWARDSONLINE.COM
Registrant:
Dynamic Dolphin Privacy Protection
Privacy Protect (privacyprotect@dynamicdolphin.com)
5023 W 120th Ave #233
Broomfield
Colorado,80020
US
Tel. +001.7208723477Creation Date: 21-Sep-2011
Expiration Date: 21-Sep-2012Domain servers in listed order:
ns1.samplerewardsonline.com
ns2.samplerewardsonline.comAdministrative Contact:
Dynamic Dolphin Privacy Protection
Privacy Protect (privacyprotect@dynamicdolphin.com)
5023 W 120th Ave #233
Broomfield
Colorado,80020
US
Tel. +001.7208723477Technical Contact:
Dynamic Dolphin Privacy Protection
Privacy Protect (privacyprotect@dynamicdolphin.com)
5023 W 120th Ave #233
Broomfield
Colorado,80020
US
Tel. +001.7208723477Billing Contact:
Dynamic Dolphin Privacy Protection
Privacy Protect (privacyprotect@dynamicdolphin.com)
5023 W 120th Ave #233
Broomfield
Colorado,80020
US
Tel. +001.7208723477Status:LOCKED
Note: This Domain Name is currently Locked. In this status the domain
name cannot be transferred, hijacked, or modified. The Owner of this
domain name can easily change this status from their control panel.
This feature is provided as a security measure against fraudulent domain name hijacking.
samplerewardsonline.com is registered through Dynamic Dolphin, Inc.
samplerewardsonline.com IP is 38.101.10.141 which in the same block with similar scam sites such as Populargiftsforyou.com and PlanetGiftRewards.com
Scam and Spam Alert: mobile-testers.com
New round of SMS spam that is also a scam from mobile-testers.com. The unsolicited SMS is coming from +1 (646) 709-7845 and the message is saying:
Apple is looking for iPhone 5 testers! The first 1000 users that go to http://mobile-testers.com and enter code 0214 will get to test & keep a new iPhone 5
Apple IS NOT looking for iPhone 5 testers. Apple IS NOT calling the next iPhone by “iPhone 5” name yet. This is clearly a SCAM.
The domain mobile-testers.com is registered through eNom, Inc. and protected by WhoisGuard (see WhoIs information at the bottom of this post).
If you’re getting this SMS spam, you should:
- Report mobile-testers.com as spam to WhoisGuard through the Report Spam page.
- File complaints on FCC site.
File a complaint on FCC site http://esupport.fcc.gov/complaints.htm
You should file form 1088G to report this violation.
You can also call 1-888-CALL-FCC (1-888-2255-322) voice; 1-888-TELL-FCC (1-888-8355-322) TTY.
According to FCC, this type of “marketing” does violate CAN-SPAM Act.
At the time of this posting mobile-testers.com displays:
Service Unavailable
Server currently undergoing maintenance. Webmaster: please contact support.
UPDATE:
From Google Cache
Based on the WhoIs information, mobile-testers.com is using HostGator DNS. The IP address is 174.132.151.98, a SoftLayer/ThePlanet.com IP which is assigne to HostGator; a reseller of the service.
Whois information on mobile-testers.com:
Lions-share:~ suspicious-bagel$ whois mobile-testers.com
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.Domain Name: MOBILE-TESTERS.COM
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Name Server: NS1343.HOSTGATOR.COM
Name Server: NS1344.HOSTGATOR.COM
Status: clientTransferProhibited
Updated Date: 05-feb-2012
Creation Date: 01-feb-2012
Expiration Date: 01-feb-2013>>> Last update of whois database: Mon, 06 Feb 2012 20:39:31 UTC <<<
NOTICE: The expiration date displayed in this record is the date the
registrar’s sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant’s agreement with the sponsoring
registrar. Users may consult the sponsoring registrar’s Whois database to
view the registrar’s reported date of expiration for this registration.TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services’ (“VeriSign”) Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
=-=-=-=Registration Service Provided By: Namecheap.com
Contact: support@namecheap.com
Visit: http://namecheap.comDomain name: mobile-testers.com
Registrant Contact:
WhoisGuard
WhoisGuard Protected ()Fax:
11400 W. Olympic Blvd. Suite 200
Los Angeles, CA 90064
USAdministrative Contact:
WhoisGuard
WhoisGuard Protected (ddeb681058d445c29c606b0a45f3dab0.protect@whoisguard.com)
+1.6613102107
Fax: +1.6613102107
11400 W. Olympic Blvd. Suite 200
Los Angeles, CA 90064
USTechnical Contact:
WhoisGuard
WhoisGuard Protected (ddeb681058d445c29c606b0a45f3dab0.protect@whoisguard.com)
+1.6613102107
Fax: +1.6613102107
11400 W. Olympic Blvd. Suite 200
Los Angeles, CA 90064
USStatus: Locked
Name Servers:
ns1343.hostgator.com
ns1344.hostgator.comCreation date: 01 Feb 2012 15:15:00
Expiration date: 01 Feb 2013 07:15:00
——-
Also filed under Text-Spammer