Not quite sure what the 'prior errorsafe javascript' implementation is. User experience is as follows:
- User visits his favorite website, say, www.joesblog.com - Joesblogs puts some ads on his site and sell his inventory to an adnetwork - Adnetwork doesn't know this "matchservice.com" ad is a scam, and serves the user a nice 468x60 flash banner of rmatchservice.com - If the user's IP & timezone & (mysterious other reasons) match some parameters in the actionscript, flash file opens a popup without a click to errorsafe.com/... - New errorsafe page tries to install active-x and also initiates an .exe download to try to get the user to install the program. - User accidentally clicks install, or "open" on the exe and is now infected w/ spyware. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Dowdell Sent: Wednesday, September 20, 2006 5:20 PM To: Flashcoders mailing list Subject: Re: [Flashcoders] Decompiling some sketchy flash code Michiel Nolet wrote: > I'm in the online advertising industry and I've been trying to track down an squash a scam that has been hitting the industry. There is a party out there (errorsafe.com) that is embedding some very nasty code in their flash ads that depending on several factors will popup a new window and try install their spyware using active-x. Is this different from the prior ErrorSafe JavaScript implementation? If so, then do you know where I can read more conversation about it? My web searches are turning up too much noise. What's the user experience and sequence of events? tx, jd -- John Dowdell . Adobe Developer Support . San Francisco CA USA Weblog: http://weblogs.macromedia.com/jd Aggregator: http://weblogs.macromedia.com/mxna Technotes: http://www.macromedia.com/support/ Spam killed my private email -- public record is best, thanks. _______________________________________________ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com _______________________________________________ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com