Monday, January 04, 2016

Imdb "official site" links may sometimes be corrupt (or directed to malicious sites) as well as expired; safer to look up oneself


Tonight there was an incident when I was on imdb.com, and went to look up an “Official site” for a small film.  The site seemed to be the name of a director appended with a “.net” and a link saying “Enter” but Kaspersky intervened and warned that another redirection side ending with “.ru” (Russia) might contain malware.

Domain Tools shows that the individual’s name is associated with a .com and a .net domain.  The “.com” looks more credible.  So there is at least a possibility that a malicious party somehow manipulated the link on imdb to go to a different site; or it is possible that the “.net” was intended but itself might have been hacked with some kind of redirect. It would not be easy to tell what is going on until a security company, or security personnel at the hosting site, examined the situation.

Sometimes “full site” links given on imdb no longer exist, or sometimes are found to have been “parked” and are for sale.  In at least two other cases they were overlaid with sites in Chinese that appeared to be legitimate consumer goods sites (women’s wear).  However, there does seem to be an issue with relying on “official sites” on imdb;  it is better to look them up oneself on Google or Bing.

Full Kaspersky scans of my environment (Windows 10) after restarting find no malware.

Kaspersky sometimes intercepts adware on regular news sites and warns about “phishing links”.

I did find this link, 3 years old, on an htaaccess hack in older versions of Wordpress with plugins that cause redirection.

No comments: