Blogs > Security Research

Adobe Groups Abused

Published on:

Authored by:




Adobe Groups Abused

We've seen Google Groups and a host of other sites that permit user driven content to redirect to malware or other nonsense. This morning I saw a rash of Adobe Groups posts redirecting to fake pharmacy sites (pharms / pills sites). For example:

... most all postids between (that's more than 2K posts!) ...

Users that follow the links visit a page that looks like:

Clicking on the advertisement takes you to the pharm redirector:
hxxp:// (has referer)
302 redirects to the pharm: hxxp:// (USID tracking cookie is set) domain registration info: domain registration info:

The lesson here is that if you or your company is going to start a "Groups" page (or any site that allows user driven content to be published onto your site), you need to have a mechanism in place to validate the content / prevent this sort of abuse. I sent a note to Adobe notifying them of this problem.

Suggested Blogs