05|28|2011 12:57 am EDT
As reported by Symantec a few days ago, many parked domains risk ending up on a blocking list because spammers are abusing a security hole in the parking company’s redirect structure.
Symantec: “We have automatically blocked tens of thousands of these domains.”
While the post on Symantec’s official blog does not name the affected parking services, quick tests on three services showed that at least two of them were vulnerable to the exploit. The spammers found a way to use the click tracking in the URL of the parking service to modify the target address by creating a link that contains their own URL. One of the services we found used Base64 encoding, whereas the other one simply used a URL-encoded address.
Nick Johnston from Symantec recommends that the parking companies check the refer(r)er URL or add additional hashing to their redirect URLs.
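One way to implement the "additional hashing" recommendation is a keyed hash (HMAC) over the redirect target, shown here as an added example that is not code from Symantec or any parking service. The `/click` path, the `u` and `sig` parameter names, the key and the example domains are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode, urlparse

# Assumption: a server-side secret known only to the parking service.
SECRET_KEY = b"constructed-demo-key-not-for-production"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode("ascii")


def _mac(target: str) -> str:
    # HMAC-SHA256 over the exact target. A plain unkeyed hash would not help:
    # anyone could recompute it for a URL of their own choosing.
    digest = hmac.new(SECRET_KEY, target.encode("utf-8"), hashlib.sha256).digest()
    return _b64(digest)


def build_click_url(parked_domain: str, target: str) -> str:
    """Issue a click-tracking link whose target is bound to a MAC."""
    query = urlencode({"u": _b64(target.encode("utf-8")), "sig": _mac(target)})
    return f"http://{parked_domain}/click?{query}"


def resolve_click(url: str):
    """Return the redirect target, or None if the link was not issued by us."""
    params = parse_qs(urlparse(url).query)
    try:
        target = base64.urlsafe_b64decode(params["u"][0]).decode("utf-8")
        sig = params["sig"][0]
    except (KeyError, IndexError, ValueError):
        return None  # missing or malformed parameters: do not redirect
    # Constant-time comparison on bytes, so the check leaks no timing signal.
    if not hmac.compare_digest(sig.encode("utf-8"), _mac(target).encode("ascii")):
        return None
    return target


if __name__ == "__main__":
    # Constructed sample: a link the service issued itself still resolves.
    link = build_click_url("parked.example", "http://advertiser.example/landing")
    print(link)
    print(resolve_click(link))
```

A link whose `u` value was swapped after issuance no longer matches its `sig`, so `resolve_click` returns `None` and the service can refuse the redirect instead of forwarding the visitor.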
[Update]: One of the domain parking system operators we identified and notified has informed us that a fix will be in place shortly.
[Thank you Hennie]