Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: reunion.com: legit site or malware?

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323

    Angry reunion.com: legit site or malware?

    Interesting little thing that happened this morning. My g/f received a request from a friend to join this site. So she clicked on it and it went through her gmail account, sending a request to all email addresses it found. It also opened up a link to an "AV online scanner" that found "3 nasties" on "her system" but when I tried to close the window, it kept insisting on trying to download an "AV software" to her system.

    It's interesting how they tout that they've got 34 million members. I wonder how many were falsely led to believe to join because friends "contacted" them about it. My g/f is pissed because it sent itself out to potential work contacts and close friends.

    So at the least, be aware that this is out there but I'm curious if others would view this more as malware or what?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    Senior Member
    Join Date
    Oct 2007
    Location
    do a whois search on my ip...
    Posts
    268
    Not sure if this would be a good idea, or against the rules, but post a link! I wouldn't mind looking at it... ( I feel your pain on the g/f deal, I spent like a hour or two cleaning up my girlfriends laptop the other day, they just click click click lol)
    http://i47.photobucket.com/albums/f1...naturecopy.jpg

    You Haven't Lived Until You Have Died...

  3. #3
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Here's where the "Yes" link (that is, Yes, I know this person) goes to:

    http://www.reunion.com/showRegistration.pub?

    I think it does the check after you've registered.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hmmm,

    I have been increasingly reading about various attacks using social networking sites as a vector, but this is a new one to me. Do you have a name for the alleged AV?

    EDIT:

    A quick Google turned up this:

    http://blogs.law.harvard.edu/doc/200...om-spam-alert/

    Seems that they have been "at it" since at least May of this year? They ought to be taken down IMO as that sort of behavior is unacceptable IMO, and they can hardly plead ignorance and being owned after 3 months?
    Last edited by nihil; August 8th, 2008 at 05:49 PM.

  5. #5
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Based on the responses to that post, I'd label it malware and misrepresentation. I didn't find anything in their TOS that said they would take your address book and forward their info to everyone.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hmmmm,

    I didn't find anything in their TOS that said they would take your address book and forward their info to everyone.
    I don't think that would work legally anyways? I am pretty sure that would have to be an opt-in service rather than a default.............. and they don't give the option to opt-out?

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    No. Not from what I've read and not from what my g/f said she did..
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #8
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    I wonder what happens if you sign up as a premium member? Why is that alarm bells don't go off in peoples heads with all the crap that your asked to submit.. HOW do these get your gmail contact list without YOU giving them YOUR PASSWORD... I can understand your local addressbook but gmail etc.. as said.. click click clickity click
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi Undies~,

    I know that this sounds horrendous, but I would guess that this scumware activates when you are logged on to an e-mail account (you respond to an invitation?) and just piggybacks to it. The user would be unaware that this had happened.

    I don't think that you need to give them your password, as you are already logged in and they are in essence just impersonating you? That makes it particularly insidious as the user does not seem to be prompted to do anything proactive (a polite word for stupid) that might warn them.

  10. #10
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Actually, reading the blog they seem to use the openID concept and use that to get the address book. The search through Google for Reunion.com and spam seems to turn up quite a few. What I cannot figure out is why someone would pay to be part of that.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

Similar Threads

  1. Replies: 2
    Last Post: June 21st, 2008, 07:51 PM
  2. Newbie Question about Site Certificates
    By JDStringer in forum Newbie Security Questions
    Replies: 4
    Last Post: March 10th, 2005, 09:56 AM
  3. Al-Jazeera Web Site Faces Continued Hacker Attacks
    By DigitalSyntax in forum Web Security
    Replies: 0
    Last Post: March 27th, 2003, 08:25 PM
  4. IIS Site Cache Filled. Why?
    By aberration in forum Microsoft Security Discussions
    Replies: 6
    Last Post: August 9th, 2002, 08:37 PM
  5. USA Today: Hackers vandalized our site
    By NetSyn in forum AntiOnline's General Chit Chat
    Replies: 2
    Last Post: July 13th, 2002, 08:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •