A commenter named Steve pointed out yet another variant of the latest Facebook virus, this one posts a message with the web site called “www,articlecash,cn”.
Seems like the perpetrator of this virus is trying hard to stay one step ahead of their URLs being branded as attach or scam sites by changing the web address slightly each time. Odd that they used such similar addresses but it’s likely that they registered them a while ago for some other less nefarious purpose and just used what they already had.
These sites are hosted in China and the registration information is for one of the largest web hosting companies in China. Seems like someone is trying to hide behind a private registration in China. The Affiliate network tracking that the links push through is somewhere called go2jump.org, which is owned by Tatto-Media, which had run afoul of the Washington State Attorney Generals Office at least twice in the past. The final destination where the user is asked for their credit card for the Google Profit scam is a group called New Era Marketing, LLC 374 Banff Ct, Las Vegas, NV 89148.
The likely thing here is that someone in China wrote a virus that floods peoples Facebook pages with an affiliate offer from Spain that points to a US company. The US company can completely deny any involvement (and it’s likely the truth) and the jerk who wrote the virus will likely never get paid by the affiliate network after word gets back to them that they used a Facebook virus to advertise the offer.
Anyone seen another other variants? Anyone figured out where they got it from?