10:07 AM
Recently I received a text message from an unknown number (18324646571), saying it was from a friend of mine and that I should click a link. The link alone is a dead giveaway that I should be concerned. I decided to trace the request path to see how the link resolved and what would be waiting on the other end. This meant I would have to see where the link took me (this was done in a controlled environment to prevent against possible viruses and trojans). I watched as the domain resolve against several other servers and eventually ended up at the glide.me homepage.
Some people online have said this is a virus, but the truth is, that's wrong. This is a simple (and exploited) marketing tactic someone is trying to use to make some money. Basically here is what is happening.
A company obtained names and numbers with the knowledge of who has who as contacts. This could be obtained using a virus or trojan but some people have stated that it was stolen from mobile carriers (which I think is more likely). The company connects to a advertising network as a publisher (someone who sends out spam, advertisements, or displays advertisements on their website). They assigned each person a unique code to track which users click and to control the tracking data associated with the click.
If you click your link it resolves against a page that converts this code into tracking data, like this.
http://launch1.co/serve?action=click&publisher_id=20320&site_id=20708&offer_id=251638&site_id_ios=16660&site_id_android=20712&sub_campaign=sms_invite
The people publishing this link are going to get a kick back from glide.me for all traffic that is referred there. And probably even more if the person downloads their software. Looking at the link, you can see that they track the site that sent it out, the offer/advertisement (i.e. "Hey buddy, check out this link! - Your friend"), the mobile sites connected, and how the user interacted with the offer (SMS).
Well this isn't a virus or a scam necessarily, it is spam and an exploitation of user data. Basically this is the text message version of junk mail.
Some people online have said this is a virus, but the truth is, that's wrong. This is a simple (and exploited) marketing tactic someone is trying to use to make some money. Basically here is what is happening.
A company obtained names and numbers with the knowledge of who has who as contacts. This could be obtained using a virus or trojan but some people have stated that it was stolen from mobile carriers (which I think is more likely). The company connects to a advertising network as a publisher (someone who sends out spam, advertisements, or displays advertisements on their website). They assigned each person a unique code to track which users click and to control the tracking data associated with the click.
If you click your link it resolves against a page that converts this code into tracking data, like this.
http://launch1.co/serve?action=click&publisher_id=20320&site_id=20708&offer_id=251638&site_id_ios=16660&site_id_android=20712&sub_campaign=sms_invite
The people publishing this link are going to get a kick back from glide.me for all traffic that is referred there. And probably even more if the person downloads their software. Looking at the link, you can see that they track the site that sent it out, the offer/advertisement (i.e. "Hey buddy, check out this link! - Your friend"), the mobile sites connected, and how the user interacted with the offer (SMS).
Well this isn't a virus or a scam necessarily, it is spam and an exploitation of user data. Basically this is the text message version of junk mail.
