Community
    • Login

    Fighting Malicious Ads on Download Pages

    Scheduled Pinned Locked Moved Security
    39 Posts 12 Posters 16.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • CoisesC
      Coises @donho
      last edited by donho

      @donho said in Fighting Malicious Ads on Download Pages:

      Could you try again by removing all cache to see if it work?

      Sure. Now it looks like this (scale shrunk to fit):

      b97a9bb7-d427-4813-9cce-342ef7ba0257-image.png

      Malicious link removed

      I don’t think the block list does not work.

      I have no reason to think that it doesn’t block what you enter. What I meant was that it’s not accomplishing much, since it seems like no matter how many bad ads you block, there are always more to take their place. It seems like this is making a lot of work for you, but the whole nature of the advertising system is just undermining your efforts. (No complaint or criticism towards you, just disgust for the whole ad-supported nightmare that is the modern web.)

      It’s due to the theme used is conformed to responsive criteria - for that I can do nothing.

      Understood. I probably use a bit narrower browser window than most people.

      donhoD 2 Replies Last reply Reply Quote 3
      • donhoD
        donho @Coises
        last edited by donho

        @Coises

        Sure. Now it looks like this (scale shrunk to fit):

        Cool ! it seems the blocking is working - thanks to block https://ff.sitesearchweb.com/offer.
        It’s tricky. Typing https://ff.sitesearchweb.com/ will redirect to https://www.sitesearchweb.com/ so I realize https://ff.sitesearchweb.com/ is not a real domain. And the main part of the link you provide is https://ff.sitesearchweb.com/offer (after stripping the parameters) so blocking it make work.

        I will remove https://ff.sitesearchweb.com/ from the list because 349 blocages restants (limite de 500) - please let me know if these ads returns back, then I’ll add it again into the list.

        The 3 domains that you provided has been blocked:

        scamSite: get.wavebrowserpro.com
scamSite: productivityboost.net
scamSite: photoeditor.net

        Please let me know if you see others.

        1 Reply Last reply Reply Quote 2
        • donhoD
          donho @Coises
          last edited by donho

          @Coises

          I have no reason to think that it doesn’t block what you enter. What I meant was that it’s not accomplishing much, since it seems like no matter how many bad ads you block, there are always more to take their place. It seems like this is making a lot of work for you, but the whole nature of the advertising system is just undermining your efforts. (No complaint or criticism towards you, just disgust for the whole ad-supported nightmare that is the modern web.)

          I do what I can do.

          Though a lot of them are missleading, not all of ad destinations are “malicious” - here’s an example:

          6fbd3865-160c-4eb7-bb98-0b15672ea93b-image.png

          The link of “Download the White Paper” is:

          https://more.suse.com/Security_controls_for_the_OWASP_Kubernetes_Top_10.html?utm_source=google&utm_medium=display&utm_campaign=5_0004280_OA_Google_NeuVector_OWASP_Whitepaper_mp_2024737_en&utm_term=NeuVector_Prime&qgad=749273370457&gad_source=5&gad_campaignid=22495509070&gclid=EAIaIQobChMIq7mXqOCgjgMV3Yd_BB0V5DQqEAEYASAAEgJecfD_BwE

          which leads to https://more.suse.com/ - a section of suse.com website.
          It’s not the first time I’ve seen this - I have also blocked Microsoft & Google chrome.

          I don’t think these prestigious companies are aware that they are running the misleading ads. The real issue, I suspect, is that the marketing departments within these companies work with ad agences that view the traffic as an efficient way to boost superficial performance metrics and revenues.

          OTOH, back to 2013, in Oracle Java download from their website, it contained even the crapeware:
          https://www.facebook.com/Notepad.plus.plus/photos/pb.100057220819766.-2207520000/569194946466175/?type=3
          And Adobe did the same thing:
          https://www.facebook.com/Notepad.plus.plus/photos/pb.100057220819766.-2207520000/948957855156547/?type=3

          The both cases above, it’s really too huge that I don’t see how they can be innoncent.

          F 1 Reply Last reply Reply Quote 2
          • F
            Fitsneezy @donho
            last edited by donho

            • Malicious link removed
            • Malicious link removed
            donhoD 1 Reply Last reply Reply Quote 0
            • donhoD
              donho @Fitsneezy
              last edited by PeterJones

              @Fitsneezy
              Both convertfile.ai & gamesuniverse.co are blocked.
              Thank you.

              1 Reply Last reply Reply Quote 2
              • Steve BondsS
                Steve Bonds
                last edited by donho

                Still showing misleading download links:

                Malicious link removed

                via

                Malicious link removed

                1 Reply Last reply Reply Quote 1
                • PeterJonesP
                  PeterJones
                  last edited by

                  Instead of posting the actual links here – so that this forum becomes a honeypot for every webscraper and gets all these malicious downloads higher in search-engine rankings – could I suggest that people just email Don at the email address he’s already published in this discussion?

                  donhoD 1 Reply Last reply Reply Quote 4
                  • donhoD
                    donho @PeterJones
                    last edited by donho

                    @Steve-Bonds
                    Blocked, thank you.

                    @PeterJones
                    Sorry about the pollution with these scam links. I modified the 1st announce and I’ve removed some malicious links in this thread. Feel free to remove the rest if you judge necessary.

                    1 Reply Last reply Reply Quote 1
                    • water hearwaterW
                      water hearwater
                      last edited by donho

                      Malicious link treated & removed

                      1 Reply Last reply Reply Quote 0
                      • G
                        gaberilde
                        last edited by

                        More Malicious adds on the download page again here are the links

                        THE FOLLOWING LINKS BELOW ARE MALICIOUS:

                        https://wavebrowserpro.com/install
https://wavebrowserpro.com/blue-install

                        madds.png

                        1 Reply Last reply Reply Quote 0
                        • PeterJonesP
                          PeterJones
                          last edited by

                          Future Posters: remember, it is better to e-mail Don directly with malicious links, rather than to post them here

                          G 1 Reply Last reply Reply Quote 0
                          • G
                            gaberilde @PeterJones
                            last edited by

                            @PeterJones no problem

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            The Community of users of the Notepad++ text editor.
                            Powered by NodeBB | Contributors