Parking Malware
August 28, 2010 1:41 PM Subscribe
The page served by Network Solutions for parked domains was serving malware until two weeks ago. Apparently it had been like that for months without anyone taking notice.
Can we simply declare them incompetent and stop using them? As far as I can remember, they've never been good at what they do, and yet they control a bunch of major DNS zones, cryptographic trust roots, etc.
posted by hattifattener at 2:06 PM on August 28, 2010 [7 favorites]
posted by hattifattener at 2:06 PM on August 28, 2010 [7 favorites]
A friend who works in computer security was telling me that the current trend in malware is to target web hosting servers. That way they have access to every web site on the server, and every machine machine that looks at one of them.
This seems to be an example of that. You'd think Network Solutions would be a bit better about keeping their machines clean.
posted by Jimmy Havok at 2:14 PM on August 28, 2010
This seems to be an example of that. You'd think Network Solutions would be a bit better about keeping their machines clean.
posted by Jimmy Havok at 2:14 PM on August 28, 2010
It still is. AVG blocked them on my machine.
posted by elmaddog at 2:15 PM on August 28, 2010 [1 favorite]
posted by elmaddog at 2:15 PM on August 28, 2010 [1 favorite]
and yet they control a bunch of major DNS zones
I think those are now controlled by Verisign, who used to own Network Solutions.
posted by East Manitoba Regional Junior Kabaddi Champion '94 at 2:20 PM on August 28, 2010
I think those are now controlled by Verisign, who used to own Network Solutions.
posted by East Manitoba Regional Junior Kabaddi Champion '94 at 2:20 PM on August 28, 2010
I'm shocked to hear that NS is still in business. Hadn't heard that name in years.
posted by dobbs at 2:40 PM on August 28, 2010
posted by dobbs at 2:40 PM on August 28, 2010
I think those are now controlled by Verisign, who used to own Network Solutions.
They sold NS but kept control over the domain names?
posted by delmoi at 2:52 PM on August 28, 2010
They sold NS but kept control over the domain names?
posted by delmoi at 2:52 PM on August 28, 2010
odinsdream: now I have to worry about the machine machine uprising?!
I wouldn't worry. The man machine has had over thirty years to establish dominance.
posted by vanar sena at 3:25 PM on August 28, 2010
I wouldn't worry. The man machine has had over thirty years to establish dominance.
posted by vanar sena at 3:25 PM on August 28, 2010
now I have to worry about the machine machine uprising?!
Only if you're a machine.
posted by Jimmy Havok at 3:59 PM on August 28, 2010
Only if you're a machine.
posted by Jimmy Havok at 3:59 PM on August 28, 2010
Wow, 5.9 million pages..... This zombienet is going to be a large one..
posted by dabitch at 4:30 PM on August 28, 2010
posted by dabitch at 4:30 PM on August 28, 2010
They sold NS but kept control over the domain names?
Verisign sold the registrar business in 2003, which continues to sell and register (and incompetently park) domain names under the "Network Solutions" name, but kept the registry business and still maintains the root zone file and runs the A and J root servers.
posted by nicwolff at 4:42 PM on August 28, 2010
Verisign sold the registrar business in 2003, which continues to sell and register (and incompetently park) domain names under the "Network Solutions" name, but kept the registry business and still maintains the root zone file and runs the A and J root servers.
posted by nicwolff at 4:42 PM on August 28, 2010
Do you actually have to click on the ad/widget on the NS parked pages to get malware downloaded onto your machine? I didn't get a real sense of the threat level.
posted by storybored at 5:43 PM on August 28, 2010
posted by storybored at 5:43 PM on August 28, 2010
storybored -- I got the impression that the javascript itself is executing malicious code. I just looked at the source, and they're doing some weird code obfuscation.
posted by spiderskull at 5:48 PM on August 28, 2010 [2 favorites]
posted by spiderskull at 5:48 PM on August 28, 2010 [2 favorites]
Even better is that Verisign is now owned by (drum roll please) Symantec!
You know? The, umm, anti-virus people?
posted by kcds at 8:32 PM on August 28, 2010 [1 favorite]
You know? The, umm, anti-virus people?
posted by kcds at 8:32 PM on August 28, 2010 [1 favorite]
I picked up ransomware (it claimed I was heavily infected with viruses, and kept just about every app from running, while asking for $35 to resolve the problem) from a random web site a couple of months ago. Malwarebytes took care of it for me. (note: the top result from a Google search for malwarebytes led to a malware page).
My security industry friend said he got $300 for using their free virus cleaner on a client...he isn't quite sure what their business model is.
posted by Jimmy Havok at 1:02 PM on August 29, 2010 [1 favorite]
My security industry friend said he got $300 for using their free virus cleaner on a client...he isn't quite sure what their business model is.
posted by Jimmy Havok at 1:02 PM on August 29, 2010 [1 favorite]
There's a pay version of AntiMalware with more features.
posted by Chocolate Pickle at 2:31 PM on August 29, 2010
posted by Chocolate Pickle at 2:31 PM on August 29, 2010
Malware Bytes didn't find anything on my computer; it was the first thing I tried. Yet I have some of the supposed malware files that were listed in the linked article. I haven't noticed anything weird, so I guess I'll just let it go?
posted by bluefly at 8:22 AM on August 30, 2010
posted by bluefly at 8:22 AM on August 30, 2010
« Older The Twin Who Didn't Make It | Mithras Newer »
This thread has been archived and is closed to new comments
posted by enn at 1:52 PM on August 28, 2010