How can a diploma mill create a pop-up ad on a secure server?

A friend of mine works for Oracle. She says they have such a secure internal Email, she has never had a spam message in five years.

She reports that late on Friday afternoon, while she was doing internal Email, a pop-up screen appeared for the huge Romanian-based degree mill operation ("Prestigious degree...").

The appearance of any pop-up, much less this one, astonished everyone in the office. No one seemed to believe it was possible.

Apparently Oracle security will be looking at this next week.

Any thoughts on how such a thing could happen? Have those Americans in Romania put some of their ill-gotten millions into research leading to some terrible spamming breakthrough?

 

I got the same pop-up on Thurs/Fri last week on my internet gateway server. I have a small gateway with one "half" open to the internet and the other "half" feeding my LAN via Netgear firewall. Remember, I'm OracleGuy -- in name and deed! My "home" network hosts an embarassing number Unix/NT servers that I use for business and research.

It was on the WAN side (W2K) of my network that the pop-up appeared. My firewall blocked the LAN attempts successfully.

Oracle's pop-up mystery may have come from the "inside". A trojan I would suspect. Like moi, lots of consultants live outta their laptops. Connection to numerous nets on a regular basis makes your lappy particulary valnerable to e-diseases.

It would be impossible to MS message through a properly configured firewall. Thus my money is on internal replica or an exposed port rather than a genuine hack.

I've a number of cronies at Oracle, so I'm going to send the security group my firewall logs. Lots of revealing info in said texts.

Cheers....R

 

R --

Fascinating. Trojan possibility, eh? Well, with at least 70,000 "alumni" (i.e., fake degree buyers) of this Romania-based enterprise in the US, the odds are pretty good that one or more can be found at Oracle.

If you discover any connection (or possible connection) with Romania, I'd love to hear more about it. Thanks.

John Bear
[email protected]

 

Has your friend or one of her colleagues installed any freeware or shareware? Some -- I believe Kazaa is one -- are described as "spyware" -- they can monitor Web sites you visit, report this to the spyware company, *and* pop up ads.

 

There are a great many ways that this could have been accomplished, I don't know why it would have "astonished everyone in the office." I guess noone familiar with network security was present at the time. There is really no way to ensure 100% security in any functioning networked system, you can only attempt to minimize risk.

 

I just had this pop-up (not a true pop-up site, an ms message pop-up) appear after going to this (degreeinfo.com) site. It is probably a coincidence, but it makes me wonder who they are going after and how they are doing it. Knowing a little about networks and the internet (although not nearly as much as some posters here), I can think of many possibilities for both questions. Oh well, keep up the campaign.

Tony

 

"A developer of bulk-mail software has figured out how to blast computers with pop-up spam over the Internet through a messaging function on many Windows operating systems. The function was designed for use by computer network technicians to, for instance, warn people on their systems of a planned shutdown."

Web Tool Combines Junk Mail, Pop-Ups