Fighting Malicious Ads on Download Pages

donho

@krystian3w
I cannot reach to destination domain (to be banned) without full link.
Could you send them to me via my email “don.h@free.fr” ?

Coises

I have yet to visit a Notepad++ download page (with ad blocker off) that doesn’t show malicious ads. I don’t think the attempt to block them is working. Apparently there is an endless supply of them.

Malicious link removed

By the way, since the introduction of the “Advertising” label, what I see is this:

(page down)

and the real download link after the second page down. (If I make my browser window wide enough, the normal configuration returns, but this is how I normally have it, and it’s comfortable on most web sites.)

donho

@Coises said in Fighting Malicious Ads on Download Pages:

I have yet to visit a Notepad++ download page (with ad blocker off) that doesn’t show malicious ads. I don’t think the attempt to block them is working. Apparently there is an endless supply of them.

Sorry I don’t have the time yet to contact adsense for this issue.

The following ads domaine has been blocked:
https://ff.sitesearchweb.com/

I don’t think the block list does not work.
Additionally I just block the 2 following:
https://ff.sitesearchweb.com/offer
https://www.sitesearchweb.com/

Could you try again by removing all cache to see if it work?

and the real download link after the second page down. (If I make my browser window wide enough, the normal configuration returns, but this is how I normally have it, and it’s comfortable on most web sites.)

It’s due to the theme used is conformed to responsive criteria - for that I can do nothing.

Coises

@donho said in Fighting Malicious Ads on Download Pages:

Could you try again by removing all cache to see if it work?

Sure. Now it looks like this (scale shrunk to fit):

Malicious link removed

I don’t think the block list does not work.

I have no reason to think that it doesn’t block what you enter. What I meant was that it’s not accomplishing much, since it seems like no matter how many bad ads you block, there are always more to take their place. It seems like this is making a lot of work for you, but the whole nature of the advertising system is just undermining your efforts. (No complaint or criticism towards you, just disgust for the whole ad-supported nightmare that is the modern web.)

It’s due to the theme used is conformed to responsive criteria - for that I can do nothing.

Understood. I probably use a bit narrower browser window than most people.

donho

@Coises

Sure. Now it looks like this (scale shrunk to fit):

Cool ! it seems the blocking is working - thanks to block https://ff.sitesearchweb.com/offer.
It’s tricky. Typing https://ff.sitesearchweb.com/ will redirect to https://www.sitesearchweb.com/ so I realize https://ff.sitesearchweb.com/ is not a real domain. And the main part of the link you provide is https://ff.sitesearchweb.com/offer (after stripping the parameters) so blocking it make work.

I will remove https://ff.sitesearchweb.com/ from the list because 349 blocages restants (limite de 500) - please let me know if these ads returns back, then I’ll add it again into the list.

The 3 domains that you provided has been blocked:

scamSite: get.wavebrowserpro.com
scamSite: productivityboost.net
scamSite: photoeditor.net

Please let me know if you see others.

donho

@Coises

I have no reason to think that it doesn’t block what you enter. What I meant was that it’s not accomplishing much, since it seems like no matter how many bad ads you block, there are always more to take their place. It seems like this is making a lot of work for you, but the whole nature of the advertising system is just undermining your efforts. (No complaint or criticism towards you, just disgust for the whole ad-supported nightmare that is the modern web.)

I do what I can do.

Though a lot of them are missleading, not all of ad destinations are “malicious” - here’s an example:

The link of “Download the White Paper” is:

https://more.suse.com/Security_controls_for_the_OWASP_Kubernetes_Top_10.html?utm_source=google&utm_medium=display&utm_campaign=5_0004280_OA_Google_NeuVector_OWASP_Whitepaper_mp_2024737_en&utm_term=NeuVector_Prime&qgad=749273370457&gad_source=5&gad_campaignid=22495509070&gclid=EAIaIQobChMIq7mXqOCgjgMV3Yd_BB0V5DQqEAEYASAAEgJecfD_BwE

which leads to https://more.suse.com/ - a section of suse.com website.
It’s not the first time I’ve seen this - I have also blocked Microsoft & Google chrome.

I don’t think these prestigious companies are aware that they are running the misleading ads. The real issue, I suspect, is that the marketing departments within these companies work with ad agences that view the traffic as an efficient way to boost superficial performance metrics and revenues.

OTOH, back to 2013, in Oracle Java download from their website, it contained even the crapeware:
https://www.facebook.com/Notepad.plus.plus/photos/pb.100057220819766.-2207520000/569194946466175/?type=3
And Adobe did the same thing:
https://www.facebook.com/Notepad.plus.plus/photos/pb.100057220819766.-2207520000/948957855156547/?type=3

The both cases above, it’s really too huge that I don’t see how they can be innoncent.

Fitsneezy

• Malicious link removed
• Malicious link removed

donho

@Fitsneezy
Both convertfile.ai & gamesuniverse.co are blocked.
Thank you.

Steve Bonds

Still showing misleading download links:

Malicious link removed

via

Malicious link removed

PeterJones

Instead of posting the actual links here – so that this forum becomes a honeypot for every webscraper and gets all these malicious downloads higher in search-engine rankings – could I suggest that people just email Don at the email address he’s already published in this discussion?

donho

@Steve-Bonds
Blocked, thank you.

@PeterJones
Sorry about the pollution with these scam links. I modified the 1st announce and I’ve removed some malicious links in this thread. Feel free to remove the rest if you judge necessary.

water hearwater

Malicious link treated & removed

gaberilde

More Malicious adds on the download page again here are the links

THE FOLLOWING LINKS BELOW ARE MALICIOUS:

https://wavebrowserpro.com/install
https://wavebrowserpro.com/blue-install

PeterJones

Future Posters: remember, it is better to e-mail Don directly with malicious links, rather than to post them here

gaberilde

@PeterJones no problem

MichellesCode

The image that I am seeing. I wasnt able to get the URLs, apologies. I am based in US.

donho

@MichellesCode

The image that I am seeing. I wasnt able to get the URLs, apologies. I am based in US.

If you happen to see them again, please send the link(s) to don.h@free.fr.

Jay Burstin

In my opinion it is confusing to write “See malicious ads here? Help us remove them!” right under the legitimate download button. Especially for users using an adblocker, it makes it very hard to know whether the green download button is legitimate

Can I suggest either moving it (perhaps next to the “Advertising:” text) or changing it to say “The above download button is legitimate. If you see malicious ads on this site, please help us remove them!” (with “help us remove them!” hyperlinked)?

MarcCMcC

There are definitely still giant, green “Download” button ads:

npm i @minecraft/ server

PeterJones

@MarcCMcC said in Fighting Malicious Ads on Download Pages:

There are definitely still giant, green “Download” button ads:

Posting screenshots here isn’t helpful, at this point.

And it is better if you just email the malicious links directly to don.h@free.fr , as has been said repeatedly in this discussion.

–

I am locking this thread, as there isn’t anything new to say about this topic

–

If you came here to report a malicious/dangerous download link (and NOTE: not all ads with “download” are malicious or dangerous), then

e-mail the URLs for malicious or dangerous advertising links on that page directly to don.h@free.fr