Gnutella Forums - View Single Post

#30 (**permalink**) July 8th, 2005

GAAAAHHH

Can anyone tell me how the hell this is being done?

Isn't it enough to send 40 or so bogus results for every search? Now the *******s have to start substituting their spew for normal images as well?

I just found an ipod spam in my download directory titled "Resident Evil Front Cover.jpg". I did not do a search for "resident evil front cover" or any permutation thereof. It can't possibly have been me accidentally clicking on on of those bogus results. So where the HELL did it come from? It seems the following has occurred...

1. Someone that isn't the spammer has a file titled Resident Evil Front Cover.jpg. Presumably, this file is legitimate, since they aren't the spammer and therefore wouldn't be sharing it if it weren't.
2. My search finds this file. (It was for generic cover art.)
3. I go to download the file.
4. Somehow something goes wrong at this stage, and it starts downloading from the spammer instead of from the guy with the real "Resident Evil Front Cover.jpg" file.

How does step 4 happen? How does the spammer hijack downloads for normal files and not just put in their own spoofed search hits for their not so normal files? And how the hell can this attack be stopped? Avoiding the bogus search results is easy. But if any ordinary jpeg or wmv whatever can get hijacked en route and substituted with the dreaded ipod, there is no escape is there???