Bogus Update Sites

Just found a site that has apparently been hijacked. I used it as a source for some nice wallpaper images (open source) and logos for the Soldiers of Suicide site I built for that organization. I wanted to look for some images for another project, so went to that site again.

When I went to the main page, I got an ‘outdated Java’ warning, with an invitation to click on a link to update my installation of Java. I don’t do that (never install software from a place that ‘helpfully’ alerts you to a needed update, unless it is the actual vendor’s site). So I attempted to close that browser tab, and immediately got additional warning messages, and was unable to close that tab without using Task Manager to kill the browser.

I wanted to notify the site owner about the apparent site hijack, and noticed that the site owner had changed in the past couple of days, to an owner in Indonesia. Another warning sign of a bogus site. Apparently, the original site owner had let their domain lapse, and it was grabbed by a hacker that is trying to push an infected “Java” update.

So, the warning is to be very wary about clicking on links that suddenly pop up with a security update warning. If you need to make sure your software is up to date, use the Personal Software Inspector from Secunia. Recommended; it will ensure all your software (not just OS) are kept current. It is free for personal use. I have used it through several versions, and install it on all of my personal/family systems.

Leave a Reply

Name and email are required. Your email address will not be published.