Closed tofof closed 7 years ago
wirecomic.com was discovered by bulk registration of accounts among with the others in the addendum pastebin, not by traversing threatcrowd. I don't know if it matters legally though.
@anon182739 what do you mean by bulk registration? Registration on what service?
@paulgb https://github.com/paulgb/BarbBlock/issues/4#issuecomment-322591672
No, the addendum (https://pastebin.com/CYvL1GyJ and https://pastebin.com/Bu2gFH9J) isn't from threatcrowd, it's from using a script to register accounts and get the script domain they use.
I ran script that created 600 accounts and got the script URLs, these are the only ones in the list. The least common one (jadeitite.com) is present 8 times, the most common one (82o9v830.com) is present 20 times.
what do you mean by bulk registration?
It creates a lot of accounts in an automated fashion, in total (including the accounts created for https://github.com/anon182739/admiraljs) it's created 940 accounts so far.
Registration on what service?
Admiral. You can try Measure ("the industry's most advanced and accurate adblock analytics module") for free without chatting with them, all you have to do is register an account and you get a script tag. It might be legally questionable to publish them depending on what qualifies as "authorization" in the CFAA. I'm not using any exploits, but it's not an officially sanctioned use either. If you want to err on the side of caution, remove the ones listed in https://pastebin.com/CYvL1GyJ until you find them again from threatcrowd.
Updates list to include only domains discovered and confirmed algorithmically by method in issue #2