Well, Matthew, my boy, it appears to have been more than a simple spyware incident on a Mac or two. If you're not part of the solution.... - ferg -- "Matthew S. Hallacy" <poptix@poptix.net> wrote: On Sun, May 08, 2005 at 02:18:19AM +0000, Fergie (Paul Ferguson) wrote:
Does anyone else think that its a bit odd that if it were simply "DNS problems" that a redirect for www.google.com would end up at a location which provided this:
All of the "hack" evidence is from people looking at a whois query and fretting over: Server Name: GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM IP Address: 80.190.192.24 Registrar: KEY-SYSTEMS GMBH Whois Server: whois.rrpproxy.net Referral URL: http://www.key-systems.net Server Name: GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM IP Address: 209.187.114.130 Registrar: INNERWISE, INC. D/B/A ITSYOURDOMAIN.COM Whois Server: whois.itsyourdomain.com Referral URL: http://www.itsyourdomain.com We've been over this before, whois queries also return nameservers, which people take advantage of.
http://img179.echo.cx/img179/7959/googlehacked7to.jpg
[or]
http://img241.echo.cx/img241/6208/googlemsn3lp.png
Seems more than simple "DNS problems" to me.
I hate being played like an idiot....
- ferg
Wow, one person being redirected to a competitors site, ever heard of spyware? (Yes, even on a Mac) -- Matthew S. Hallacy FUBAR, LART, BOFH Certified http://www.poptix.net GPG public key 0x01938203