slimp.net is an adware/spyware fraud scam
I was unable to find information about slimp.net anywhere on the web, so I had to write my own post. On a number of occasions, when I visited my web site, there was evidence that I had been hacked! Somehow, a malicious script was executed which placed an ad banner on my web site for some various pharma-fraud products. (Who else would use malware like slimp.net to sell their products?)
So, the weird part is, I can’t figure out how they’re doing it. As best as I can tell, it’s either a jQuery hack, or else someone within GOOGLE is doing the hacking! (Because I only see the code when I am using the Google Chrome Browser, and when I am linked from Google Search, logged into my Google Account.) When I view the page source, it looks fine. However, when I use the Google Chrome Inspector, as painful as it is, it shows the code in question:
Is anyone else getting spammed by these cyber-criminals at slimp.net? Please comment below.


June 2nd, 2009 at 12:46 pm
Our site had the same thing happen. I found the hacked file, it was mootools.js. I posted the code here: http://test.whygee.com/slimp/
You can see they just added code to the top of the file.
I haven’t found the rest of it, if there is more... somehow it has to detect if you’re coming from Google.
-cS
June 2nd, 2009 at 12:47 pm
Might want to take the “No Responses” part out of your WordPress template =)
June 2nd, 2009 at 1:02 pm
Thanks cS. I should have known it was mootools… I hereby apologize for implicating jQuery!
June 2nd, 2009 at 1:15 pm
No prob. Nice site btw. I think the problem may be related to Apache 2 though and not jQuery. I’m still lookin.
June 2nd, 2009 at 1:58 pm
you can find it by typing this in your root dir:
find . -type f -name "*.js" -exec grep -il 'Click Here' {} \;
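The two observations in the comments above (code added to the top of a library file, and searching .js files for the banner text) can be combined into one check. This is an added example, not part of the original post or comments; the known-good copy directory, the function names and the demo file contents are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example. Indicator strings come from the post and comments;
# every path and file body below is constructed for the demo.

# List .js files under $1 that contain any of the remaining arguments
# (fixed strings, case-insensitive).
scan_js() {
    local root="$1"; shift
    local pats; pats=$(printf '%s\n' "$@")   # one pattern per line
    find "$root" -type f -name '*.js' -exec grep -ilF -e "$pats" {} + | sort
}

# Print the number of bytes prepended to $2 relative to known-good copy $1.
# Fails (status 1) if $1 is not an exact tail of $2, i.e. the file differs
# in some way other than a pure prepend.
prepended_bytes() {
    local clean="$1" deployed="$2" csize dsize
    csize=$(( $(wc -c < "$clean") ))
    dsize=$(( $(wc -c < "$deployed") ))
    [ "$dsize" -ge "$csize" ] || return 1
    tail -c "$csize" "$deployed" | cmp -s - "$clean" || return 1
    echo $((dsize - csize))
}

# Constructed web root: an untouched library plus a copy with one line
# prepended (a harmless comment standing in for the injected banner code).
make_demo() {
    local d; d=$(mktemp -d)
    mkdir -p "$d/good" "$d/www/js"
    printf 'var MooTools = {version: "demo"};\n' > "$d/good/mootools.js"
    cp "$d/good/mootools.js" "$d/www/js/other.js"
    { printf '/* stand-in: slimp.net banner, CLICK HERE */\n'
      cat "$d/good/mootools.js"; } > "$d/www/js/mootools.js"
    echo "$d"
}

demo=$(make_demo)
scan_js "$demo/www" 'slimp.net' 'Click Here'      # flags only js/mootools.js
prepended_bytes "$demo/good/mootools.js" "$demo/www/js/mootools.js"
rm -rf "$demo"
```

A non-zero byte count means the deployed file is the known-good library with extra content in front of it, which matches what cS describes; a failure status means the file differs in some other way and should be replaced from a trusted source and reviewed by hand.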
June 8th, 2009 at 4:44 pm
My site has this in it too. I believe it has something to do with a plugin as well, “Tiny MCE Advanced”. I will have to check it out further. I need to look for the offending script and/or code.
Thanks for the tip.