Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 2964 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Dodgy and suspicous site, Keywebtracker

James652

Hi,

Today, I was on google images searching for images in size 1920x1200 ( Wasnt searching up anything porn related)

I clicked on an image, And imediatly I saw that it didn't go to the website it said it would in google images, it went to http://keywebtracker.com/back.php?kw=Beautiful+earth&label=cars .

I had typed in Earth into google images, But I dont remember searching up Beautiful or cars.

It had then redirected me to http://searchgreatcars.com/search.php?q=Beautiful%2520earth

I have been testing every posible meathod in attempt to see if I have a key logger.

Whilst I was browsing, I never got any message from Sophos Endpoint security and control 9.5 ( I own it legit )

I noticed that if you click on http://keywebtracker.com/back.php?kw=Beautiful+earth&label=cars now, It redirects you to a random eBlog or ad, I have only clicked it twice, though.

I am browsing with Google chrome. I am using Windows 7 Home Premium 64x

Help?

:15713


This thread was automatically locked due to age.
  • 0

    Hi,

    This sounds to me like standard tricky to get hits on a variety of sites.  They poison the Google results pages with results which when clicked on send you to a variety of different sites.  You can think of the back.php site as just a random site picker from probably a long list of sites.  It passes key words it seems (note the kw parameter, more than likely stands for "key words") so if the randomly picked has the ability to search it passes them on to make it more likely to generate content you're interested in clicking on.   Of course there is potential that some of the sites redirected to may well be infected malware but that is always a risk when visiting any site these days.

    I would be highly confident that the symptoms you have described are nothing to do with anything malicious on your machine.

    Hope that helps.


    Regards,

    Jak 

    :15717
  • 0

    Thanks, to be sure, I started a sophos scan last night, When I woke up this morning, it found nothing bad.

    :15727
  • 0

    Hello James652,

    please see Malware Infected Website on how to report a suspicious website. But if it "just" serves ads it might not be classified as malicious.

    Christian

    :15729
  • 0

    Hi I did a google search and found this discussion. The website actually says on it's front page

    "auto tracker //Congratulation!!! You're BOT! Thank you! Bye "

    So is my computer a 'bot' now? I've tried running malwarebytes and it found nothing. It definitely sounds like this is installing something on people's computers. Any ideas?

    :15743
  • 0

    @frustrated

    Its definatly some wierd site. I went there with google chrome and Sophos Endpoint security 9.5, And neither of them said " Hey this looks suspicous" 

    The apparent company is german, So maybe they had to do a translation from german to english and it came out like that. It could be saying something like " Hi, we think you are a bot, goodbye"

    Yet, it does seems like the site was intended to install stuff onto peoples computer, as soon as I clicked away from the site, I looked into task manager and found nothing.

    I have sent this site to sophos for examination, I'll post here on what they reply saying.

    :15745
  • 0

    Hi, Sophos had replied with this.

    Hello,

    Thank you for your sample submission and contacting Sophos Technical Support.

    The result of the sample was as follows:

    back[1] => not detect-worthy

    Nothing malicious from the code

    Appears to be a website and cookie\ad experiment

    :15761
  • 0

    Hello frustrated,

    it delivers nothing but this text, so no need to worry.

    BOT in this context might could mean robot (aka spider, crawler, ...) - i.e. it could be just meaningless content in response to a search program hitting the root directory - or intentionally directed at nosy types (see the urban DICTIONARY for other meanings of bot)  :smileywink: .  

    While it is annoying (and perhaps embarrassing) neither the site nor the ones it redirects seem to be malicious.

    Christian

    :15765