The Pooo Hijack, and an Empty Sweetbox...

| | Comments (0)

Here's an interesting roundup of unrelated Chinese oddities for you to get your teeth into. First off, let's look at something that redirects you to....er.....well, you'll see.....

poo1.jpg

From this file leaps great things - or at least, a bizarrely named hijack:

http://blog.spywareguide.com/upload/2007/05/poo2-thumb.jpg
Click to Enlarge

That's right, your IE homepage is hijacked to....Pooo.cn (Beta!) and restrictions are placed in the IE settings so you can't change it back easily. The site itself is a typical Chinese multimedia website, with an endless collection of videos and flash animations:

http://blog.spywareguide.com/upload/2007/05/poo3-thumb.jpg
Click to Enlarge

...yeah, makes no sense to me either. So there we have it, short, sweet and, er, odd.

Next up, something that I came across while looking for something else - sadly, the main site this stuff launches from is apparently dead but that doesn't mean we can't take a look at it:

sweet1.jpg

...well, we all like sweets, right? If you run the executable, you'll see what is presumably a EULA:

http://blog.spywareguide.com/upload/2007/05/sweet2-thumb.jpg
Click to Enlarge

Of course, I have no idea what it says but let's press on anyway:

http://blog.spywareguide.com/upload/2007/05/sweet3-thumb.jpg
Click to Enlarge

I can't be sure, but it looks like some sort of media player. Another offering from the same people gives us a (very limited) web browser:

http://blog.spywareguide.com/upload/2007/05/sweetbrowser1-thumb.jpg
Click to Enlarge

...again, with the main site down it doesn't currently do much other than sit there and look nice. However, thanks to the wonderful Internet Archive, we can go back and have a look at the main site:

http://blog.spywareguide.com/upload/2007/05/sweet4-thumb.jpg
Click to Enlarge

...so, it looks like a good bet that both of these applications were simply there to serve up the movies and videos from that website. If the site ever comes back online, we might be able to get a firm answer and wrap everything up in a neat little bow or something...

Leave a comment

About this Entry

This page contains a single entry by Christopher Boyd published on May 21, 2007 9:17 AM.

A Korean Trick or Treat? was the previous entry in this blog.

Skype Worm Variant Targets Other Instant Messaging Clients is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.