Note: The Rootsweb Mailing Lists will be shut down on April 6, 2023. (More info)
RootsWeb.com Mailing Lists
Home

Results for list 'gencmp'

Total: 2/2
    1. YahooGroups hacked?
    2. Steve Hayes

    3. I belong to a number of genealogy mailing lists hosted by YahooGroups, which also have facilities for exchanging files, posting photos, links etc. Yesterday my wife tried to download a file from one of these, and her anti-virus program (Avast) had a hissy fit about a malicious site. I checked on my machine, and the same thing happened, which has never happened before. I noticed that if one clicked on the link to a file, one was redirected to another site, called "yahoofs", which looks like a spoof of Yahoo. I've blogged about it here: http://hayesgreene.blogspot.com/2011/08/yahoo-hacked-warning.html and have asked Yahoo about it, but have heard nothing from them or anyone else. It is a common trick used by phishermen and other malicious sites to display one address and then when you click on it takes you to another site, and that seems to be what is happening in this case. I'd be grateful if any experienced computer fundis could check it out, and let me know if they also have this problem, and also if other antivirus software reacts to this in the same way as Avast. -- Steve Hayes from Tshwane, South Africa Web: http://hayesfam.bravehost.com/stevesig.htm Blog: http://methodius.blogspot.com E-mail - see web page, or parse: shayes at dunelm full stop org full stop uk

    08/08/2011 06:42:03
    1. Re: YahooGroups hacked?
    2. Dennis

    3. On Mon, 08 Aug 2011 12:42:03 +0200, Steve Hayes <[email protected]> wrote: >I belong to a number of genealogy mailing lists hosted by YahooGroups, which >also have facilities for exchanging files, posting photos, links etc. > >Yesterday my wife tried to download a file from one of these, and her >anti-virus program (Avast) had a hissy fit about a malicious site. > >I checked on my machine, and the same thing happened, which has never happened >before. > >I noticed that if one clicked on the link to a file, one was redirected to >another site, called "yahoofs", which looks like a spoof of Yahoo. > >I've blogged about it here: > >http://hayesgreene.blogspot.com/2011/08/yahoo-hacked-warning.html > >and have asked Yahoo about it, but have heard nothing from them or anyone >else. It is a common trick used by phishermen and other malicious sites to >display one address and then when you click on it takes you to another site, >and that seems to be what is happening in this case. > >I'd be grateful if any experienced computer fundis could check it out, and let >me know if they also have this problem, and also if other antivirus software >reacts to this in the same way as Avast. I have one file posted in a Yahoo group that I run. When I hover over the link I get... http://f1.grp.yahoofs.com/v1/sME_TnHR2Rlpk_YbuC627FmgdZnZA7dsA-su3d6Fj-3F-v295Y_Yn8pA7_-0sldCe5j1QxZagGE1Sio20dTKwg/vbaPrettyDate.txt Clicking on it sends me to the file that I posted. So it looks alright to me. 'whois' says the registrant is Yahoo. Maybe "yahoofs" means "Yahoo File Server" or something like that? Could Avast be giving you a false positive? -- Dennis

    08/08/2011 01:37:50