Something very bad happening on this site?

I did a search for Skype (through majorgeeks search function)
and the first result brings me to this page:

http://majorgeeks.com/download4245.html

As far as I can see, that is the official majorgeeks site.

Okay, now if you let the mouse hover over the link on the
left side of that page where it says "Author: Skype Technologies S.A"

and check your browser status bar, you see that it doesn't
give the real Skype site! It goes to this address:

httpREMOVETHIS://www.kqzyfj.com/click-1042208-10386659

(I added "REMOVETHIS" to keep the link from being clickable.)

What's going on? Has majorgeeks been hacked?

PLEASE NOTE: The link I'm referring to is NOT the one that says
"the author's site" (written under the word DOWNLOADS).
Rather, it is the link on the LEFT side of the page that is supposed
to take you to the author's site. I'll copy the text here to show
you but will not make the link clickable to prevent readers
from trying to go there:

Author: Skype Technologies S.A
^^^^^ SEE HERE ^^^^^
Date: 2009-03-30
Size: 1.88 MB
License: Freeware
Requires: Win XP/2K
Downloaded: 244244 Times



I checked from 3 different computers and all of them are giving me
the same result, so I don't think it's any spyware/adware trying
to redirect links on my computer!

Wait, there's more!

I went to the antivirus section, and the Avast free home edition
"author's site" link gives this:

httpREMOVETHIS://esd.element5.com/affiliate.html?publisherid=26451&affiliateid=71706&target=http://www.avast.com

Yet the F-Secure package that MajorGeeks has seems to give the
correct address, so not all the postings on majorgeeks are affected.

Can somebody confirm this?

 

Yes, as a matter of fact Plodr reported a similar case yesterday: http://forums.majorgeeks.com/showpost.php?p=1315229&postcount=7

 

If you click on the link it will take you to: skype.com

 

Okay, it looks like Majorgeeks is peppered with these bogus links.
I don't think it was always like that before, I've used majorgeeks for years
to get software.

The skype page on majorgeeks says it's been downloaded 244247 Times.
It's doubtful in all those times none of us never noticed the author's site
didn't match up! Am I to conclude someone has managed to hack in
to MajorGeeks and change the links? That may also explain why ONLY
the link to the author's site and not the "download from author's site" link
has changed -they may have had difficult extending the hack that far?

 

The Mods should look into this. :eek

 

That link would take you first to kqzfyj.com, from there it might then
redirect you to skype.com. (Assuming you clicked on the correct link:
NOT the "download from author's site" but the link TO the author's site
on the left hand side of the page.) You'll know if you have the same
link or not by looking at the status bar of your browser WITHOUT
clicking on the link and seeing if it gives the address for kqzfyj.com.

Are you sure you didn't get redirected? On one of my test computers,
I purposely clicked on that link but my security software won't even
let me see it, so something is bad there. I don't recommend anyone
click on that link.

But kqzfyj.com is a malware/phishing site according to reports I've found.
They pretend to be the authors of software they have nothing to do with.

Folks, watchout for redirects and other tricks: the author's site link for AVAST on major geeks does fishy stuff. It looks like this:

httpREMOVETHIS://esd.element5.com/affiliate.html?publisherid=26451&affiliateid=71706&target=http://www.avast.com

So when you click on that, it is really esd.element5.com that is handling
your click. The end of that link containts "avast.com" so the element5
website will know enough to redirect you, feed you fake software,
do a drive-by infection, etc.....

Something isn't right and I'm convinced now the problem has nothing
to do with my end!

People, WATCH OUT, somebody is up to no good.

 

:cool Thanks to AnotherGeekster, Plodr and TimW...

 

Okay, that makes sense if you guys put it there on purpose as part of
an affiliate program, since kqzyfj and element5 both are listed as affiliate
or valueclick sites.

The reason my security software blocked kqzyfj.com seems to do with that
url being on a blacklist, but considering they may have been
handling more than just Skype's software, it's possible they had a bad
egg or two in the past that earned them the bad ranking. Of course,
this would make it erroneously appear that majorgeeks was serving up
bad links when your affiliate gets blocked.

I unblocked the skype affiliate link and sure enough...it redirected
directly to the authentic skype.com site.

Thanks for the info, I didn't know majorgeeks was putting in affiliate
links. In the past I hadn't noticed any but maybe that's
because a lot of the author's links on majorgeeks take you directly
to the author's true site without any redirects. (ie. kaspersky, f-secure,
gmer, etc.)

I do see a slight risk in that (ie. if an affiliate site changes ownership
and later decides to insert drive-by malware onto computers before
redirecting you) but that's outside of majorgeek's scope.

Again, thank you.