The MSN Dark Chain of Spam – and others


As you have seen from my precedent posts in this period MSN Privacy Threat Domains signed a significative incrase. You can also see how methods and structures used in these domains are similar.

The same HongKong Domain runned with the same HTTP-Daemon, the same way of Tracking Cookie releasing and finally different advertised End Point Domains.

Now my question was “Is possible to reveal the presence of a Chain of Spam Informations between these sites?”

The response come out automatically yesterday, some time ago I’ve created a fake MSN Account and joined to one of these “Services”, precisely is one of the classical Domain spreaded through MSN, but with some basilar difference respect others one.

Let’s see the code:

<frameset cols=”0,*” frameborder=0>
<frame src=”pop.php” name=””>
<frame src=”indexx.php” name=”mainwindow”>
<script src=”; type=”text/javascript”>
<script type=”text/javascript”>
_uacct = “UA-3898830-2”;

-> pop.php

var UserClicked=false;
function spyclick()
function popup()

In other words you’re redirected to that is the advertised Website.

-> indexx.php

Contains a fake Privacy Policy

“By filling out this form, you authorize TST Management, Inc to spread the word
about this 100% real and upcomming Messenger Community Site.
You will receive your share of the credit in helping us spread the word.  This is a harmless
Community site which is offering users a platform to meet each other for free.

We do not share your private information with any third parties.

This page is not affiliated with or operated by Microsoft(tm) or MSN Network(tm).

TST Management, Inc reserves the right to change the terms of use / privacy policy
at any time without notice. To view the latest version of this privacy policy,
simply bookmark this page for future reference.

You understand that this agreement shall prevail if there is any conflict between this

agreement and the terms of use you accepted when you signed up with MSN. You also
understand that by temporarily accessing your msn account, TST Management, Inc
is NOT agreeing to MSN’s terms
of use and therefore not bound by them.

Eheheheheeh strange this TST Management!! has a “Legal” Privacy Policy that is not conventionally written, a “Legal Policy” that breaks Microsoft and MSN Laws? wooow are in front of a new frontier of legality!! Sign a Legal Policy to Break legally third parties laws! 🙂

After substribing to my HoneyPot account popped with various advices from


So this IS a CHAIN of Spam Websites that exchange/sends your credentials to the various domains!

If you receive other of these advices report me it, and I’ll dissect it 🙂

May the God of Paranoia be with you 🙂

5 Responses to The MSN Dark Chain of Spam – and others

  1. ^_^ Me says:

    Great analysis my dear 🙂

  2. Jas says:

    how to remove this??

  3. After reading through the article, I feel that I need more info. Could you suggest some more resources ?

  4. evilcodecave says:

    I don’t know other info about msn spam, but by searching on google you can see many msn virus explainations

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: