Advertisement:

Author Topic: Spammers from 'Avast.com'?  (Read 509 times)

Offline shin111

  • Semi-Newbie
  • *
  • Posts: 68
Spammers from 'Avast.com'?
« on: July 04, 2018, 01:26:58 AM »
Lately the spammers that get onto my forum show their domain as some variations of ***.avast.com.

For example the lastest one's info showed up as:

IP: 5.62.61.206    0    
Hostname: r-206-61-62-5.ff.avast.com

Avast's supposed to be antivirus/etc. but these are spammers. What is up with that?

Offline landyvlad

  • Full Member
  • ***
  • Posts: 575
    • Michael Reed on Facebook
    • GSX1400 Owners ORG
Re: Spammers from 'Avast.com'?
« Reply #1 on: July 09, 2018, 10:10:16 PM »
what's an actual full example?

Try running it through this as see what it says:  https://www.whois.net/





Please do not PM, IM or Email me with questions on astrophysics or theology.  You will get better and faster responses by asking homeless people in the street. Thank you.

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 68,792
    • Arantor on GitHub
Re: Spammers from 'Avast.com'?
« Reply #2 on: July 12, 2018, 09:39:20 AM »
The OP gave a full example, and the IP is owned by Avast.

I wonder if they have some kind of proxy product.
To assume is to hope that those who came before had the presence of mind and capacity to implement the dreams of those who would come after.

Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

Offline landyvlad

  • Full Member
  • ***
  • Posts: 575
    • Michael Reed on Facebook
    • GSX1400 Owners ORG
Re: Spammers from 'Avast.com'?
« Reply #3 on: July 13, 2018, 01:59:49 AM »
Yeah I must have been asleep when I posted that, sorry.

Do you actually use Avast yourself?

This MAY be relevant (not they scam, but the site compromise) https://forum.avast.com/index.php?topic=220442.msg1468874#new

As an aside the forum seems to have a lot of example as top why NOT to use AVAST https://forum.avast.com/index.php?board=1.20



Please do not PM, IM or Email me with questions on astrophysics or theology.  You will get better and faster responses by asking homeless people in the street. Thank you.

Online GigaWatt

  • Support Specialist
  • Sr. Member
  • *
  • Posts: 894
  • Gender: Male
    • Macedonian electronics forum
Re: Spammers from 'Avast.com'?
« Reply #4 on: July 13, 2018, 05:47:05 AM »
Oh, they're using SMF too :).
"This is really a generic concept about human thinking - when faced with large tasks we're naturally inclined to try to break them down into a bunch of smaller tasks that together make up the whole."

"A 500 error loosely translates to the webserver saying, "WTF?"..."

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 68,792
    • Arantor on GitHub
Re: Spammers from 'Avast.com'?
« Reply #5 on: July 13, 2018, 06:13:04 AM »
Yes and when they were hacked a few years back they tried to claim it was because SMF had a vulnerability that was fixed but that we didn’t tell them about. Note: no patch was issued for how Avast got hacked, because the vulnerability was not in the software.
To assume is to hope that those who came before had the presence of mind and capacity to implement the dreams of those who would come after.

Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

Online GigaWatt

  • Support Specialist
  • Sr. Member
  • *
  • Posts: 894
  • Gender: Male
    • Macedonian electronics forum
Re: Spammers from 'Avast.com'?
« Reply #6 on: July 13, 2018, 06:24:54 AM »
Yes and when they were hacked a few years back they tried to claim it was because SMF had a vulnerability that was fixed but that we didn’t tell them about.

Ummm... so SMF is supposed to notify all forum owners that a public or a "secret" security patch has been released... yeah, right ::). And SMF decided that Avast, and only Avast, should stay out of the loop of this security patch... come on :D.

I wouldn't take them seriously, IMO their products are, more or less, a joke. Too much bloath, not enough functionality.
"This is really a generic concept about human thinking - when faced with large tasks we're naturally inclined to try to break them down into a bunch of smaller tasks that together make up the whole."

"A 500 error loosely translates to the webserver saying, "WTF?"..."

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 68,792
    • Arantor on GitHub
Re: Spammers from 'Avast.com'?
« Reply #7 on: July 13, 2018, 06:34:11 AM »
No, no, this happened just after 2.0.7 came out and apparently we didn’t put in the patch notes that we’d fixed a remote code exploit, so they didn’t update to 2.0.7. So yeah it was apparently our fault they got hacked.

Never mind that it wasn’t a remote code exploit and nothing to do with what changed between 2.0.6 and 2.0.7. It was apparently our fault they did what they did.

Seeing how I’m the one who personally made the 2.0.7 patch, I was less than enthused by this course of actions.
To assume is to hope that those who came before had the presence of mind and capacity to implement the dreams of those who would come after.

Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

Online GigaWatt

  • Support Specialist
  • Sr. Member
  • *
  • Posts: 894
  • Gender: Male
    • Macedonian electronics forum
Re: Spammers from 'Avast.com'?
« Reply #8 on: July 13, 2018, 06:40:51 AM »
LOL :D... OK... aren't they a security/AV company :D? Shouldn't they be the first to take things seriously and stay up to date, especially if they're using someone else's product :D :D :D?

OK, I'm not gonna rant any more. This is just proof how much they take security seriously... so glad I've never used any of their products :).
"This is really a generic concept about human thinking - when faced with large tasks we're naturally inclined to try to break them down into a bunch of smaller tasks that together make up the whole."

"A 500 error loosely translates to the webserver saying, "WTF?"..."

Offline Kindred

  • The Mean One
  • Support Specialist
  • SMF Legend
  • *
  • Posts: 56,491
  • Gender: Male
    • Kindred-999 on GitHub
Re: Spammers from 'Avast.com'?
« Reply #9 on: July 13, 2018, 12:14:18 PM »
We also spent a significant amount of effort to work with them, review their code and logs etc.....  only to have them disappear from the conversation as soon as we discovered that the attack vector was not SMF at all. (and they never printed a retraction of their public statement/accusation)
Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.