Archive for the ‘Browser Hijack’ Category

Final Post

October 2, 2009

No – I’m not dead yet!!

This is a final post at Tigerstail.wordpress.com because I am tired of seeking knowledge and bitching about that which is. It is time to use my skills to develope the solutions to all of the problems I have discovered.

Join Me at jimmicap.wordpress.com

Advertisements

Kolmic.com, The Family Tree

January 12, 2008

For most people finding evil sites is tough and even after you get a browser hijack or a URL redirect from your Browser, you’re never quite sure what site infected you. Now my perspective is somewhat different, I have my list of known kiddie porn sites which exist by consent of the government and also associated law enforcement honeypots. I periodically go to these sites and check the source code to find out who the face page is linking to. It seems that all the control is usually from one master computer with face URL’s gathering their feeds and images from that master. When one feed site gets so famous that it is blocked by crapware protection, they switch to the next site. Right now everyone concerned with cnomy.com or Kolmic.com for crapware should also start blocking malkm.com at the firewall level.

Finding these associations is fairly easy once you know the starting point.

If your a sex starved teenage you might dream of multiple partners at:

Orgy.com where the source code shows the javascript and pictures come from Kolmic.com

Hell, you might even dream of multiple orgies at:

Orgies.com where the source code shows the javascript and pictures come from Kolmic.com

If your too young to dream of orgies, you may just want to see naked people at:

naked.com where the source code shows the javascript and pictures come from naked.com and a pop-up comes from kolmic.com

Now these are all tame sites so you might want something more raunchy at:

raunchy.com which redirects to freetube.com with a pop-up from Kolmic.com

Now at one point, the source code for kolmic.com showed scripts and pics from cnomy.com so it’s not surprising that:

femalesex.com also redirects to freetube.com with a cloned pop-up of kolmic from cnomy.com

If you can’t spell, orgie.com used to redirect to raunchy.com but now:

orgie.com redirects to freetube.com

Siteadvisor.com confirms the link between orgie.com and ranuchy.com

So what is the future bad boy on the block to serve our nation at war. My money is on malkm.com based on information obtained from Lolitacj.com which was one of two sites that sent Charles Stephano to jail. When you check siteadvisor.com for lolitacj.com it says it links to kolmic.com yet when you go to:

lolitacj.com, the source code is from malkm.com while the cloned pop-up of kolmic shows cnomy.com source code.

A quick check of malkm.com shows it is connected to erotika.ru and the list of entrapment sites continues to grow.

There are many branches of this tree with crooked roots.


Even Will Smith should be able to decide that kolmic.com was designed by evil people.

Born to Be Bad – Will Smith, Kolmic and Hitler.

January 7, 2008

Will Smith started quite a controversy when he said that he believed that all people are intrinsically good and because he used Hitler as an example the argument degenerated without thought. Well Mr. Smith, I beg to differ and I use as my argument the Internet which I doubt that you know too much about.

Internet usage seems to be dominated by the concept that people do bad just because they can and only do good when they want to. Christ, I might say that that concept even includes Government sites which have a tendency to politicize every fact for political correctness or to dissociate blame. I mean who can possibly believe the psycho who designed the online war game for young people using actual Army equipment interfaces to recruit people. No one could believe this site was designed to do intrinsic good for the nation unless you believe that the use of Gaming addicts as soldiers is the highest and best use of these compulsive children. On the civilian side, what psycho would want to take down Norad for bragging rights or open the secrets of NSA to the world just to prove it can be done?

The internet is full of very twisted people. I casually included Kolmic.com on a list of sites that couldn’t be explored using Google Hacking techniques and immediately people stated flocking to my sites with Kolmic as the search term. Seems I stumbled on Kolmic in my research on American Kiddie Porn and I do mean I was lucky to make the connection to Government supported kiddie porn sites.

On the surface, they are a dramatic success story. They are touted at killerstartups.com as a new search engine. Quantcast.com ranks the site as being 314 in the world while alexa.com ranks them at 1917. IPwalk.com shows them hosting 11,650 domains. Their daily traffic is over 150,000 people per day.

These are incredible numbers considering the site was only organized about 8 months ago and the ownership of this fantastically successful organization is secret with a stealth registration. The IP information suggests Boston but a more realistic guess would put them in Houston working with Everyones Internet.

So what’s bad about a fantastic success in only six months, other than the direct connection to domestic kiddie porn and law enforcement honeypots. It seems that this brand new site is already attracting complaints about URL redirection, start page hijacking and other techniques common to the porn industry and image loading to unsuspecting surfers. One very complete analysis can be found in the comment section of McAfee Site Advisor by phantazm.

Obviously Kolmic.com was a site born to be bad by people with very evil intentions who hide anonymously in cyberspace because of the cowards they are.

Too bad Mr. Smith, there really are some fucking evil people in this world.

Netstat – My New Best Friend!

October 7, 2007

If your gonna be a hacker, you have to use netstat to figure out who’s hacking you and if you can’t defend yourself, you better not start an attack.

I have grow accostomed to having netstat open and sometimes even running in background. I never much thought about the fact that it is operating on a totally different operating system than Windows. One day while surfing, my whole Windows system froze (Firefox on Windows XP)and for no particlular reason I clicked on the DOS window and found netstat up and running and monotoring my system. There were connections to cnn.com and a content delivery system called Limelite which could be explained by being from the last site I visited.

There was also 66.228.208.169 which turned out to be registered to adtaq.com which was not an invited guest.

The next morning, I turned on my machine and immediately started a DOS window running “netstat -ano 7” which means it refreshes every 7 seconds. Before anything could even update, I had two intruders, the FBI and adtaq.com

Since I couldn’t find very much on adtaq.com and didn’t feel like wasting time I blocked them at my firewall.

Oh well, shit happens.

Cookies – Be Careful What You Eat!

September 16, 2007

If you want to be a hacker or cracker, you must become aware of all the ways people can monitor your activity. The easiest one to start with and still the easiest to prevent is cookies.

Now some cookies are necessary and so secession cookies have to be allowed. Yet every time you close your browser, you should wipe out all of them. Advertising cookies do help the site owner but do nothing for you so it’s tempting to block them but why bother if they are wiped out every time your browser closes.

Now sex site cookies are really dangerous and can send you to jail. A site such as youngpervs.com sets 4-5 cookies and tracks all your activities and the sites you link to. It’s almost cool to watch them spying on you and Firefox Browser “tools options” is a cool way to watch them.

Click TOOLS>OPTIONS>SHOW COOKIES after you go to youngpervs.com; Then open the youngpervs cookie file and click on the individual files to see what the say. Click a few links and see how many new URL’s have set cookies and go back to the original youngpervs cookies and see how they have changed.

Even though your wife or mother doesn’t know where you go, you know you are safe when Big Brother is watching you.

The code from youngpervs.com:

document.cookie = ‘click=0; path=/;’
document.cookie = ‘clk=0; path=/;’

Safe Surfing and Safe Sex

August 21, 2007

According to Web MD, teens who enjoy casual sex with multiple partners only practice safe sex half the time. Figuring that the penality from poor judgement is death from weird diseases or unwanted pregnancy, you would guess use of a condom might be greater.

According to Scanit, 42% of Internet surfers use unprotected browsers and 3/4 of the unprotected were high risks. The penality for corrupted machines could be a visit by the FBI and a lifetime of legal problems.

There’s not much that can be done about teen sex as teens have more desire for sex than they have money for condoms.

For a Browser Security check, click here.

IE 7 Sucks

August 5, 2007

In the Tigerstail blog, security and privacy are the only issues. I’m not fond of Window Washer because it doesn’t automatically live up to it’s promise to erase all tracks of your websurfing habits. I finally figured out that it does a fair job of removing tracks from IE 6 if you use a convoluted system of having it fight the browser on start-up and then wipe again when you close it down.

So while I wasn’t comfortable with all thos pop up windows advising me to close my browser because it wasn’t clean, it actually worked to prevent storage of my web surfing tracks if I ignored the message saying the browser couldn’t be cleaned while open.

Then – BAM!!!

In a drive-by download from my automatic upgrade of Windows, I was upgraded to IE 7. Now the reason I stuck with Windows was because I was documenting just how crappy the browser is. However, IE 7 creates and stores those index.dat files in a different way and there was no way for me to get Windows Washer to work in any acceptable manner. Tracks remained and I got random browser error and shutdown messages.

So I switched to CCleaner which I wanted to try anyway based on the recommendation by Shane Fowler in a comment. Now here’s where IE 7 really failed. I mean it simply wouldn’t let CCleaner do its job. There was no way I could get the combination of CCleaner and IE 7 to work. So the choice was stick with my Constitutional right to Privacy or abandon it in favor of supporting Bill Gates and IE 7.

I mean – is this a no-brainer?

In the next couple of blogs, I’ll report on securing Firefox for privacy and the ability of CCleaner to protect me and you.

Haute Secure Sucks

August 3, 2007

After a couple of glowing reviews of Haute Secure Browser Tool, I decided to check it out. Once you figured out the not so obvious download link on their home page, the download was clean and installed well.

From their site we learn the browser tool Stops Malware attacks in Real-time and Prevents bad content from loading

So when I went to Dictionary.reference.com to look up haute, it warned me of 3 malicious attacks on my machine. The pop-up’s that are already blocked by my browser were the source of the warning.

When I went to some hi5.com related sites it blocked me from finding out which person on my hi5.com friends list has a crush on me. It could be either the religious one from Barbados or the one in her underwear from my own Caribbean island. I guess I will never find out as I did not click the button to override the knowledge base. Besides the one I think has the crush was the one in underwear who describes herself as a heavy drinking party girl who is bisexual and looking for adventure. I just might be a little old for all of that.

Seems like in the area of Haute Security, they did all right. Next was my trip to one of those nasty government sponsored kiddie porn sites that just loves to send you pictures that guarantee jail time and then hit you with malware that logs your activity and then more malware that shuts down your machine.

There was no blockage and I saw some of the nastiest kiddie porn pictures I have ever seen without any warning. I closed the browser in an instant. Now as far as I’m concerned, they didn’t block me from having really bad content load but I will give them a little credit for having blocked the spawned browsers from popping up.

When I went to castingcouchteens.com, they did not identify it as a crap site although there was a warning which did not occur on the second entry. The back button no longer worked as I kept on entering more crap sites including seehersquirt.com every time I clicked the back button. The only way out was to shut the browser.

If these guys are serious, they would read the fatsavage.wordpress.com blogg for all the disgusting kiddie porn sites and blacklist them and use the Fatsavage Shitlist of Law Enforcement Honeypots to keep people away from government sponsored kiddie porn.

Haute Secure should stop being so Haute and give more basic protection. They might even protect one of those 17 year olds from being branded a sex offender for life when the basic crime was stupidity.