Tuesday, July 03, 2007

freewebhost.com: Bad abuse handling

I must say I'm not really satisfied with how freewebhost.com allows executable files hotlinked and even not checked with a simple antivirus utility (and there are several of them that are free of charge!). Why not check what your users upload? It could be hurtful to others.

I was looking through the caught spam of the day, when I stumbled upon an "interesting"(i.e. trojan/virus) link:
Jul 03 20:08:49
endys!Endys@3-109.la.cytanet.com.cy MSG!#cyprus
hey watch us army fuck iraqian girl ;s www.freewebtown.com/videozone/.........
(......... represent the file name)

I don't know if this user deliberately spammed that link, but it was very annoying, and risky for other persons on the same network/channel. Imagine some innocent first-timers joining, looking at that and thinking "oh goody, porn!" and *click*! Things on internet are not always what they seem to be. I said that before and I'll keep repeating it!

And some free webhost providers DO NOT SECURE THEIR SERVICES! Someone should write some complaints and make an RFC standard about providing free services without checking uploaded data for virus/malware. Sure you care, sure you say 'thank you' at abuse@ emails, but that's not good enough, at least for me; and I'm a person that cares!

Check out the results of several antivirus software against this file (virustotal.com, image hosted at bayimg.com)
You can have a look at the analysis of that file (analysis.seclab.tuwien.ac.at)

No comments: