« Gullible on MySpace
500 gift card from Macy’s »

Wildfire comments on MySpace

It seems every day it’s something else. I find them on profiles for famous singers or other people who get a lot of comments, have lots of friends and don’t moderate heavily.

Here’s one example of a profile spammed with that kind of comment, where HTML wasn’t disabled. Look for comments today from Chad and Wendy Lyn:

Jenny’s profile
Today’s catch is:

kerryissoverry.info/startnow.php
whoswaldo.info/getitnow.php
wswirl.info/dlnow.php

Do NOT go there! It throws up a 302 redirect to profilewatcher_setup.exe.

That site actually advertizes that software. Except, I can’t for the life of me figure out how an exe file can do any profile watching on MySpace, unless the program is instructing YOUR computer to do the watching, and maybe who knows what else…

Either way, it appears they’re doing some spamming. Those comments are (unsuccessfully on the profile I was watching) formatted to have a random MySpace graphic with that link under it. Stealth promoting, in other words. Anyone who clicks on the image, gets the program.

Whois info:

Created On:24-Jan-2007 05:16:32 UTC
Registrant Name:Janice Robb
Registrant Organization:ZeroPoint Search Solutions
Registrant Street1:1555 Sky Valley Dr.
Registrant Street2:#A101
Registrant Street3:
Registrant City:Reno
Registrant State/Province:Nevada
Registrant Postal Code:89523
Registrant Country:US
Registrant Phone:+1.7756241422
Registrant Email: janice@zpsearch.com
Name Server:NS1.GEODNS.NET
Name Server:NS2.GEODNS.NET

IP: 66.135.40.95

zpsearch.com is deemed unsafe by McAfee site advisor. They said the profilewatcher software was safe, but frankly, I don’t care. Zpsearch are spammers, and I don’t trust spammers! I’m fairly sure that software is doing a bit more than McAfee thought - at least today!
Paretologic is a bit more skeptical than McAfee - they point out you have to enter private credentials…

I highly doubt these people entered these comments of their own free will, which leaves the software as the likely culprit.

This entry was posted on Monday, February 12th, 2007 at 1:43 pm and is filed under Social networking spam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Responses to “Wildfire comments on MySpace”

  1. jan Says:
    February 13th, 2007 at 5:40 am

    There are lots of these kinds of .exe-sofware to download. It’s obvious they want to gather emails. They will succeed as long people don’t take this serious and still trust microsoft for them to prevent any malicious software to get on the computer. I’ve heard about spammers to take a famous band like u2 and make a myspace fanclub out of this. A lot of people then leave their emails as friends behind and get spammed. Easiest way to get rid of this then is to use emails that are easy to replace, I always recommend this when using myspace or making comments on forums/guestbooks.

  2. Harry Maugans Says:
    February 16th, 2007 at 2:25 pm

    I submitted this post to Digg the other day for you. FWIW:
    http://digg.com/tech_news/Big_Myspace_Spammer_Exposed

    Regards,
    Harry

  3. Richard Says:
    February 23rd, 2007 at 9:58 pm

    That program is designed to steal your Myspace password and turn your profile into a spam-bot!

  4. Zack Says:
    April 19th, 2007 at 12:44 am

    Well, since myspace sends its pw’s in plain text its easy to program a small packet sniffer that looks for tcp/ip connects to myspace.com. The program looks for the line with the password and sends the data back to its company.

Leave a Reply