OFFICIAL SECURITY BLOG

Personalized News Service Used as Launchpad for Spammy Content

July 23, 2014 | BY

Content aggregators have been that steady, stable bridge between internet users and the chaotic world of online information sharing for years. Many have grown to depend on such tools and services in order to be in the loop as much as they can about topics that are important to them.

One can even say that without Paper.li, Postano, Scoop.it, Flipboard, or Pulse, certain content would likely be picked up by fewer readers, if at all, and businesses wouldn’t be able to create the experience they want for their users.

Before the popular aggregators I mentioned above hit the net, there was CReAte Your Own Newspaper (CRAYON), a free online editor that lets users personalize the content they want to see from links to other news sites, effectively creating their own newspaper.

For a couple of days now, almost half a million CRAYON subscribers and their followers may have been exposed to spammy sites.

A CRAYON post leading to a purported download site

Above is an example of a spammy newspaper page containing a link, a goo.gl shortened URL, to a software download site. When I accessed that site, I was directed to a Blogger page with an overlay of a survey scam:

The survey scam overlay

These pages can offer up anything, not just software downloads. From what I can tell based on the sample pages we have on hand, the offers can range from free streaming of movies and TV shows to online casinos, skin products, online money-making schemes, and other services that spammers and scammers have already used as lures before.

Below is a gallery of screenshot samples we have collected:

Newspaper owners can share their links with anyone if they like, and even post them to their own websites. In this case, spammy links were posted on sharing sites that the public can readily access, such as LikeHub.

LikeHub

A legitimate link follows the format, www[dot]crayon[dot]net/read[dot]cgi?{email address}. We suspect that the email addresses used—all registered to Gmail—were created for the purpose of creating spammy posts on this site.
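For defenders reviewing proxy logs or links collected from sharing sites, the following added example (not code from the original post) refangs links, recognizes the `read.cgi?{email address}` format described above, and counts distinct newspaper owners per email domain. The sample links and addresses are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, unquote

# Host and path taken from the link format quoted in the post.
CRAYON_HOST = "www.crayon.net"
CRAYON_PATH = "/read.cgi"
EMAIL_RE = re.compile(r"^[^@\s]+@([^@\s]+\.[^@\s]+)$")


def refang(text):
    """Undo the [dot] / hxxp defanging used when sharing suspicious links."""
    text = text.strip().replace("[dot]", ".").replace("[.]", ".")
    return re.sub(r"^hxxp", "http", text, flags=re.IGNORECASE)


def crayon_owner(link):
    """Return the newspaper owner's email, or None if not a CRAYON link."""
    url = refang(link)
    if "://" not in url:
        url = "http://" + url  # the format in the post omits the scheme
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    # Exact host match, so look-alike hosts are not counted.
    if host != CRAYON_HOST or parts.path != CRAYON_PATH:
        return None
    email = unquote(parts.query).strip().lower()
    return email if EMAIL_RE.match(email) else None


def owners_by_domain(links):
    """Count distinct newspaper owners per email domain across the links."""
    owners = {o for o in map(crayon_owner, links) if o}
    return Counter(o.rsplit("@", 1)[1] for o in owners)


# Constructed sample input, e.g. links pulled from proxy logs.
SAMPLE_LINKS = [
    "www[dot]crayon[dot]net/read[dot]cgi?owner.one@gmail.com",
    "hxxp://www.crayon.net/read.cgi?owner.two%40gmail.com",
    "http://WWW.CRAYON.NET/read.cgi?Owner.One@Gmail.com",  # same owner again
    "http://www.crayon.net/read.cgi?reader@example.org",
    "http://www.crayon.net.example.com/read.cgi?x@gmail.com",  # look-alike
    "http://www.crayon.net/index.html",  # not a newspaper link
]

if __name__ == "__main__":
    for domain, count in owners_by_domain(SAMPLE_LINKS).most_common():
        print(domain, count)
```

A cluster of recently seen owner addresses on one free-mail domain is a prompt for manual review of those newspaper pages, not proof that they are spam.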

CRAYON has been around since 1995 and prides itself on being “The web’s first personalized news service”. It has won numerous awards, is featured in Fast Company, and has been recommended as a great journalistic tool for children to use.

Suffice it to say, it’s a trustworthy brand. Unfortunately, those with ill intent have used it as a platform for content other than what one expects to see there. As such, it is advisable that readers learn to tell good content with equally good links apart from potentially bad ones before clicking.

Note: We have contacted CRAYON with this information and have yet to receive a response. However, when we do, we will update this post to reflect their stance.

Jovi Umawing