Badoo at it again

Locked
Jazspeak
Posts: 7295
Joined: Fri Oct 17, 2008 4:20 pm

Badoo at it again

Post by Jazspeak » Sun Sep 19, 2010 11:40 pm

It would seem that Badoo have recently been harvesting the address books of those with gmail and googlemail accounts, and then using the harvested e-mail addresses to send spam.

This came to light when I received an e-mail purporting to have come from a friend but when I queried the e-mail it was confirmed that his address book had been harvested.

I made some further checks and it looks as though the Badoo site is also involved in phishing. This phishing was confirmed when I went to the site and was repeatedly requested to enter credit card details in order to change some account settings (obviously I didn't give any real details).

FBIG
Posts: 20
Joined: Wed May 13, 2009 4:50 am

And just what does Badoo *do*?

Post by FBIG » Mon Sep 20, 2010 2:49 am

Jazspeak,

What in the heck does Badoo do to earn your ire, and what do we, as savvy MyWot users need to do about it?

Jazspeak
Posts: 7295
Joined: Fri Oct 17, 2008 4:20 pm

@ FBIG

Post by Jazspeak » Mon Sep 20, 2010 10:14 am

Badoo harvests e-mail addresses from gmail and googlemail address books. If you have an account with gmail or googlemail then you should take steps to protect the address books and/or contact lists to prevent spamming by Badoo.

BTW - Badoo.co.uk and Badoo.com have previously been identified as a source of spam.

Jazspeak
Posts: 7295
Joined: Fri Oct 17, 2008 4:20 pm

Protecting Address Books

Post by Jazspeak » Mon Sep 20, 2010 10:53 am

Probably the best way to protect address books from harvesting by spammers is to keep all contact lists, details, and addresses in an address book on the local machine, preferably on a removable media such as a USB stick, and not use any online address books.

Dutch Mountain
Posts: 2801
Joined: Wed May 12, 2010 5:20 pm

Rated

Post by Dutch Mountain » Mon Sep 20, 2010 11:30 am

@Jazspeak : Badoo.com seems innocent in first view.
According to your info I gave RED. BUT I'm having doubts if you look in URLVoid and Robtex

Robtex : Nothing suspicious and no blacklisting
URL Void report :
Report 2010-06-04 18:25:38 (GMT 1)
Website badoo.com
Domain Hash 5e18d0b685482584047a477c4213bc3c
IP Address 87.245.192.38 [SCAN]
IP Hostname badoo.com
IP Country CY (Cyprus)
AS Number 35545
AS Name BADOO-AS BADOO AS
Detections 0 / 19 (0 %)
Status CLEAN

Scanning site with: BrowserDefender CLEAN
Scanning site with: Google Diagnostic CLEAN
Scanning site with: hpHosts CLEAN
Scanning site with: Malware Center CLEAN
Scanning site with: Malware Patrol CLEAN
Scanning site with: MalwareDomainList CLEAN
Scanning site with: McAfee SiteAdvisor CLEAN
Scanning site with: MyWOT CLEAN
Scanning site with: Norton SafeWeb CLEAN
Scanning site with: ParetoLogic URL Clearing House CLEAN
Scanning site with: PhishTank CLEAN
Scanning site with: Project Honey Pot CLEAN
Scanning site with: SpamCop CLEAN
Scanning site with: Spamhaus CLEAN
Scanning site with: SURBL CLEAN
Scanning site with: TrendMicro Web Reputation CLEAN
Scanning site with: URIBL CLEAN
Scanning site with: Web Security Guard CLEAN
Scanning site with: ZeuS Tracker CLEAN

I'll see if I get spammed after visiting the site

BTW : I couldn't enter the co.uk extension it goes back to the .com

Jazspeak
Posts: 7295
Joined: Fri Oct 17, 2008 4:20 pm

@ peterbosch

Post by Jazspeak » Mon Sep 20, 2010 2:19 pm

Yes, Badoo does look innocent at first glance but it has been confirmed that Badoo did harvest e-mails from gmail and googlemail accounts. Reproduced the relevant part of an e-mail that I received confirming the harvesting:

"the badoo site harvested my email address book. I think I have sorted it now but let me know at once if you get any more from this bloody site.". (extract of e-mail received by me from a Senior Lecturer on 19/09/2010).

My own further investigation of Badoo also revealed phishing attempts in that Badoo tried several times to get credit card details from me.

The .co.uk address does redirect to the .com address, which is a ploy increasingly used by spam sites to lend credibility to those spam sites.

Although the site is clean vis-a-vis malware, et al, the site should still be treated with caution for the spamming and phishing. The harvesting of address books for spamming purposes is a serious cause for concern.

MagicDude4Eva
Posts: 172
Joined: Tue Jul 06, 2010 8:24 am

Need some clarification

Post by MagicDude4Eva » Mon Sep 20, 2010 2:58 pm

How does Badoo harvest gmail/googlemail accounts? I would be surprised is that is a Gmail vulnerability and especially nowadays with the large Android handset coverage, literally every Android handset syncs data to Gmail.

Jazspeak
Posts: 7295
Joined: Fri Oct 17, 2008 4:20 pm

Re: "How does Badoo harvest...?"

Post by Jazspeak » Mon Sep 20, 2010 4:11 pm

Perhaps you can let us know when you find out how it is done.

Re: "literally every Android handset syncs data to Gmail." - A good reason to stick with Blackberry.

MagicDude4Eva
Posts: 172
Joined: Tue Jul 06, 2010 8:24 am

Not going to try it out

Post by MagicDude4Eva » Mon Sep 20, 2010 5:40 pm

but a quick Google search shows:
At registration you are asked to enter your msn/gmail/yahoo username and password to find out if other friends are also on badoo.


Sources: Badoo at [url=http://www.killerstartups.com/Social-Networking/badoo-com-multi-lingual-social-networking-site t=_self]Killerstartups[/url] and on [url=http://www.google.com/support/forum/p/gmail/thread?tid=52fa142ea7434a94&hl=en t=_self]Google Forum[/url]

Quite scary if this is true and very surprising that Google does not do anything about it. (And that there are users out there who enter their userid/password on a social-networking site).

Jazspeak
Posts: 7295
Joined: Fri Oct 17, 2008 4:20 pm

Re: "Quite scary"

Post by Jazspeak » Mon Sep 20, 2010 8:29 pm

Good couple of links, especially the Killerstartups clearly showing, "they import all your contacts and send them invitations in your name", which confirms in part the harvesting of contact details for spamming purposes.

It does strike me as slightly alarming that Badoo is described as a social networking site when it is quite obviously an Internet dating site being used for spamming and phishing.

Locked

Who is online

Users browsing this forum: No registered users and 4 guests