For quite some time now I have had “robots” mining my posts and putting them on their “blogs” resulting in pingback in my posts. Most of these are just intended to generate traffic back to their sites. Lately there have been some from a site of various names, but if the pinback is followed, looks like this:
It looks like a page full of YouTube links but if you click on one (I like to live on the edge) you actually go to a bogus site: http://youutubee.com/. You see the clever spelling? When you get there it tries to automatically download and install a program:
Now here is the bit about the Mac OS, the file is obviously a Windows .exe file and thus couldn’t be installed. Furthermore, FireFox (and Safari) both have warnings before downloading and installing (I know this is true on Windows as well). I cannot be sure, but it appears that it initially tries to do this in the background, since the page seemed to be trying to run a script before defaulting to the download attempt.
The truth is that there is little inherently more secure about the Mac OS, it is just not popular enough for hackers to have spent their time and energy targeting it. That is one reason why I am happy to have Apple profitable (therefore still in business) but not more than a single digit of the total market share.
The moral of the story boys and girls? Be very careful when clicking on pingback and always use protection.
One thought on “Warning: Dangerous Site (and why, for the time being, the Mac OS is more secure)”
I get crazy pingbacks all the time and hits from services like Savvis, Ripe, etc. I have started filtering the IP addresses when the look suspicious.
Folks upgrade your spam filters!