The One That Got Away

You can call the author of this blog many things, but please don’t call her “unaware”. Call her, rather, “Incapable of seizing the moment”. Why? Because on Feb. 13th TechCrunch broke a story, one that even wound up in the Washington Post, about Chinese AOL coming up in Firefox as a possible attack site/forgery (that’s right, a phishing website), but they were not the first to learn the perfectly jaw-dropping news. In fact, I was.

I was fixing dead links on this blog on Feb. 10th when I got to my AOL Hit List and clicked through to Chinese AOL out of sheer curiosity. At that point, I was met with the same warning page that you didn’t find screen shots of on TechCrunch until 3 days later.

Chinese AOL under suspicion as far back as Feb. 10th

My screen shot shows that I could’ve broken this story (without the help of Mike’s tipsters) 3 days before TC did. It would’ve done wondrous things for this blog’s stats. It’s no one’s fault but my own, but I admit I’m extremely sore now about passing on the story, and shocked at just how large it became.


Welcome! You’ve got PHISH!

Watch out, AOL users. If you see this in your inbox – like I did tonight – then you’ve got Phish. Symptoms of Phish are as follows:

  1. You have an irrepressible urge to click on real-looking links to AOL
  2. You think this phisher’s email is so convincing
  3. You can’t understand why the fine folks at AOL, a multi-billion dollar company, misspell words, mangle grammar and forget to punctuate


AOL hosts 450 infected sites; be careful where you click!

No, not THIS Trojan...

Sunbelt, the people who make CounterSpy and other software security products, reported on their blog yesterday that at least 450 free AOL sites are infected with the Trojan-Downloader.Zlob.Media-Codec, more commonly known as the zlob-fake-codec.

It works like this: you click a search engine result that takes you to an infected AOL account (user.aol.com is shown in the screen shot of an infected result page on Sunbelt’s blog), and you’re then prompted to download an ActiveX component to view the web page. If you click Continue to download it, your computer is infected with up to two hundred trojans and unsafe ActiveX components.


AOL Now the Largest Free Proxy Site in the World

Bad news for AOL: ever since the service became free in August 2006, it’s been devolving into a phisher’s paradise. Now anyone with a broadband connection can download AOL’s free software and use AOL as a proxy server to redirect a website to any other website. If you think about this for a minute, you can see the possibilities: for instance, creating a phishing site that looks exactly like neteller.com, then using AOL’s proxy to redirect the HTTP request through the Thailand Ministry of Education. Think it can’t be done? From chrisohara.org (edited for length):

I just received an email today stating that I needed to log into my neteller.com account to collect the money that I was sent via party poker…I don’t have a neteller account but the link in the email was quite interesting. It uses AOL’s redirect page to redirect to…202.143.132.179, which is in Thailand. It appears it belongs to the Ministry of Education. It appears that one of their computers has been compromised…I contacted AOL, admin@aol.com, and they have yet to respond.
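A defensive check for the redirect abuse described in the excerpt above, as an added example that is not from the original post or from chrisohara.org: it flags links whose outer host is a trusted brand domain but whose query string carries a redirect target that is a raw IP address or an off-site host. The `/EXAMPLE-REDIRECT` path, the `url` parameter name and every sample link are constructed, since the page does not give the format of AOL’s redirect URL.

```python
import ipaddress
from urllib.parse import parse_qsl, urlsplit

# Brand domain the recipient trusts; the page's example is AOL.
TRUSTED_SUFFIXES = ("aol.com",)

def same_site(host, suffixes=TRUSTED_SUFFIXES):
    """True if host is one of the trusted domains or a subdomain of one."""
    return any(host == s or host.endswith("." + s) for s in suffixes)

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def embedded_hosts(url):
    """Hosts of absolute URLs carried in the query string (keys or values)."""
    hosts = []
    # keep_blank_values=True keeps the "?http://target" form, which has no "=".
    for key, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        for item in (key, value):
            if item.lower().startswith(("http://", "https://", "//")):
                host = urlsplit(item).hostname
                if host:
                    hosts.append(host)
    return hosts

def audit_link(url):
    """Findings for one link; an empty list means nothing was flagged."""
    outer = urlsplit(url).hostname or ""
    if not same_site(outer):
        return []  # only links that borrow a trusted domain are in scope
    findings = []
    for host in embedded_hosts(url):
        if is_ip(host):
            findings.append(("raw-ip-target", host))
        elif not same_site(host):
            findings.append(("off-site-target", host))
    return findings

# Constructed sample links; the path and parameter name are hypothetical.
SAMPLES = [
    "http://www.aol.com/EXAMPLE-REDIRECT?url=http%3A%2F%2F203.0.113.7%2Fneteller%2Flogin",
    "http://www.aol.com/EXAMPLE-REDIRECT?http://phish.example/login",
    "http://www.aol.com/EXAMPLE-REDIRECT?url=https://mail.aol.com/inbox",
    "http://www.aol.com/news?id=42",
]
```

A mail filter or proxy log job can call `audit_link` on every extracted URL and quarantine or alert on any non-empty result.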
