Monday, December 7, 2009

A word of caution - a scam site, possibly a phishing site

Some of you may have run into a website known as the "Wally files" aka Wallywashis.name.

The site claims to offer downloads of songs/albums for free and it requires users to register. It sounds like an Albumbase clone, except that there's no real music.

Disclaimer: I have no connection to this site, but I'm here to report on it since there appears to be little information elsewhere on the web.

http://wallywashis.name/oe/index.html

"Wally was his name and MP3 was his file"

Okay.

So I stumbled on this site while searching for rare releases online. After an inspection, I concluded that it could not be real. No sour grapes intended.

The website advertises a wide range of music genres, ranging from mainstream, to extremely obscure acts. While on the outside looks like a great source to get some hard to find releases (hell, I wonder how this guy even thought of putting obscure neofolk/martial/ethereal groups on there), it is really a scheme to reap advertising revenue, and possibly lift passwords off unsuspecting users.

Here's why it's not legit.

1. The account/password creation system does not have proper verification procedures
2. User access is not encrypted
3. There is no brute force protection
4. For a site that has a wide library, it lacks a search feature. Do users really have to resort to googling "site:wallywashis.name " ?
5. Doesn't use adsense or other services, only surveys that require unsuspecting individuals to compromise their address, mobile phone numbers, and install suspicious software. This is asking people to take a huge privacy and security risk, while causing some to experience billing charges for spam text messages from the surveys.
6. There are very few published comments on the site's blog. Notice how the navigator says that some posts have 60-170 comments. Many of them are moderated and not published. Somehow the guy running the show either forgot, or realized he was getting beat at his own game.

Further investigation yielded an IRC conversation on musicbrainz, which establishes further doubt of the site's true intent.

Available here: http://chatlogs.musicbrainz.org/musicbrainz/2009/2009-01/2009-01-06.html

"
looks almost as if someone has copied the mb db as fake mp3 open dir listing http://wallywashis.name/mp3/

and is using the data to get people to subscribe to some dubious site for "access"

the thing is, by manually entering band information, you can "find" even the most little-known bands :)

Cunning.

It's a bit odd to find "mp3s" for a demo tape I made 15 years ago over there

Considering I have the only copy of the tape and have never encoded it into mp3 in the first place :D
"
In summary - someone just copied musicbrainz's database of artists and albums and listed them as downloadable files. Even someone's old demo that was never encoded, let alone released.


Having a site like that is truly dishonest. Odds are the "library" it has is not real either - just spam files that have had their filesizes adjusted to simulate bitrate and track length. Some speculate that the files were merely indexed from popular sites such as last.fm and such.

Therefore, avoid it at any cost. And get the word out.

43 comments:

  1. I just wasted 5 minutes trying to sign up to that site, then thought to google and found this. Thanks.

    ReplyDelete
  2. umm before it was what it is now, you could download all those files off his site, just now you need to register and has a crapload more songs

    ReplyDelete
  3. I was just about to download Ludo from one of his indexes until i found this :) McAFee site advisor didn't even catch that it was bad. Thanks!

    ReplyDelete
  4. http://1029.wallywashis.name/mp3/pehden
    Lol and it shows that i have an unknown demo, lol bs site.

    ReplyDelete
  5. Sheesh, I wish I'd have clued in sooner. I don't know how many of his stupid surveys I tried to complete. They just kept coming! He keeps giving you surveys until you give up. Good thing I didn't give out any of my real info.

    Here's more proof this is fake. He shows a picture on his site, supposedly of himself. A reverse image search (TinEye.com) leads to an article showing the exact same picture, described as a computer synthesis of the most honest person's face. Ha!

    ReplyDelete
  6. Thanks for your due dilligence in posting this valuable information. You saved me time and invasion of privacy. It's people like you that makes Google and web for that matter a great resource.

    Thanks again for posting.

    ReplyDelete
  7. Yeah, I found some recordings of mine listed in that site. Odd thing indeed. Great post, thanks for the info.

    ReplyDelete
  8. If not for your warning, Id still be filling surveys for that moron. Thank you.

    ReplyDelete
  9. Thanks, does anyone know where I can download the King Kong discography? Hell, even just a few songs, been searching google for hours for this shit :/

    ReplyDelete
  10. I suspected it was fake as soon as it asked for a password to download the mp3, but I just wanted to be sure. Thanks for your thorough research.

    ReplyDelete
  11. I wasn't surprised after filling in one stupid survey. Being a DJ myself, I'm always on the search for rare remixes of classic hit songs. This site lead me toward a track I was really digging for, but it's not worth all that trouble with those surveys. Ugh.......

    ReplyDelete
  12. Thanks. My jaw dropped at the sight of his supposed Pollyanna collection. Good to know I am not missing anything.

    ReplyDelete
  13. any webmaster who barely knows about html/php language can confirm that it's faked site. I checked wally's site HTML code, especially list pages. These pages are supposed to be generated by Apache (the web server hosting them), but they're faked Apache lists.
    I must say that it's a pretty smart phishing concept though

    ReplyDelete
  14. The site lists obscure demos of mine. Def swiped from Last.fm listings.

    Wotta load of crap.

    ReplyDelete
  15. I've been amazingly naive on this one (or greedy with getting one great song), and I've been on this site, even made friends click on a link I'd been given. Are there some real risks ore firefox managed the possible phishing? How can I be sure we're not threatened?

    ReplyDelete
  16. Well done, sir. I was almost tricked.

    The things we do for a good tune. . .

    ~Austin

    ReplyDelete
  17. damn i've spread the link, i wanted one rare song so badly... people are not supposed to play with such things!

    thanks for this post anyway

    ReplyDelete
  18. Now he claims to have uploaded all his albums to a usenet newsgroup "alt.bin.wallywashis-mirror". Can anyone prove that this newsgroup actually exists?

    I asked him something via e-mail and he actually answered. This photo was at his google profile. Maybe it's the man himself, or maybe not?

    https://lh3.googleusercontent.com/-YAPuAUuD1l8/AAAAAAAAAAI/AAAAAAAAAAA/o2jFuVrcGJU/s200-c-k/photo.jpg

    His new scheme is to get 10 people to sign up (referer link) and complete a survey.

    ReplyDelete
  19. You can read all about it in here. The man himself (Wally) admits that it is indeed a fake website. Nothing to download, just plenty of surveys to fill. Guess he got his nasty girlfriend pregnant and now they need some diaper money, because the man is unemployed.

    http://www.infosprite.com/2010/06/23/we-may-not-actually-make-anything-but-when-it-comes-to-scamming-were-innovative/

    ReplyDelete
  20. http://wallywashis.name/share-mp3?d0fb9f10af40f please click

    ReplyDelete
  21. It's a useless cunt of a sight. You complete a survey (giving a real email address - everything else fake - so that I can 'complete' the thing), go back to Wallyfuck, click 'finished'... and I'm required to complete a survey.

    I DETEST these sly, insidious, creepy 'surveys' and 'free offers' - that's why I created an email address especially for Wally and his bucket load of shit. Now I've deleted it, I'll take a shower and wash off the slime.

    ReplyDelete
  22. His name is very complicated backau....; i tink is from nepal and is black
    the picture (white man) is from internet never pay or try to buy something from him
    his website is a scam his adresse is (i tink)


    Address: 27c, The Comfort Housing Budanilakantha Kathmandu, Nepal
    Phone: +977 981 360 1506

    http://wallywashis.name/ = SCAM ILLEGAL AND MALWARE

    http://ripxr.com = SCAM ILLEGAL AND MALWARE


    THIS WEBSITE IS A SCAM USING PLIMUS SERVICES .
    SELL A SOFTWARE WITCH NOT WORKING
    DONT ACCES OR BUY SOMETHING FROM HIM IS TAKE ALL THE MONEY FROM YOU.

    ReplyDelete
  23. As far as I've seen, an account is not necessary for downloading his music... or "music", as I haven't download anything yet because of the suspecting extension his files have. The only requirement is to enter an username and a password that he provides. It even has a rapidshare mirror... Obviously I thought all that easy access to obscure music was pretty suspicious, that's why I googled it.

    ReplyDelete
  24. I've downloaded an album of The Playmaates from this site, and I'm linked to TurboBit which hosts the file. The format is RipXR and it needs an utility to extract, which can be takem from ripxr.com. I'm not asked for any username nor password, except the one he himself provided.
    The ripxr format is listed in file-extension.org as a new compppressed file format.

    ReplyDelete
    Replies
    1. Be careful, it looks that also ripxr is a scam.
      I downloaded it and scanned with avast AV and found negative to infection. However, once launched, the program ask for a registration fee of 8.5 USD !!!
      Then I ran a quick search and indeed there are no traces of such software and software house other but ripxr. It smells like a big scam.
      Check also:
      http://www.tech-forums.net/forums/f51/ripxr-file-format-252167/
      http://www.ask.com/answers/49786861/what-software-can-be-used-to-open-ripxr-files

      Delete
  25. And I thought the site was just really badly designed.

    ReplyDelete
  26. Willy washy wanker sites load of bollocks and deadly for your computer

    ReplyDelete
  27. how can he have all those fake file sizes did he just edit the HTML to say that or what

    ReplyDelete
  28. Thanks for the warning; in face I doubt you can even DOWNLOAD the fake MP3s. Those surveys will never unlock, and just keep bombarding you with MORE fraudulent surveys...

    ReplyDelete
  29. As soon as I saw we had to complete a survey to download the music I said to myself,

    "hell no."

    ReplyDelete
  30. Shame - he listed an album by Chunk called Secret Mission File - used to love that CD when I was growing up. Still no idea how I'll get a copy of it...

    ReplyDelete
  31. THANK YOU SO MUCH! I swear, I had no idea when those surveys were going to end, and at certain points it just wouldn't let me continue because I had to put in valid credit card information or something.
    A big disappointment, though. I'm searching the deepest, fishiest depth of the Internet to find those Sondre Lerche songs...

    ReplyDelete
  32. He's now expanded -- if you get a link to unknownsecret.info, that's the same guy.

    ReplyDelete
    Replies
    1. why?? they have all the discography of the band i want,
      if someone knows where I can download the music of the japanese band Ribbon please tell me!!!
      (sorry the bad english

      Delete
    2. Thank you for the information! I feel it strange when I have to input all those info just to sign up, so I searching if this is scam site. Glad I found this site

      Delete
  33. Beware. They use same IP with several domain names to different sites.
    wallywashis.name
    unknownsecret.info
    hili.unknownsecret.info
    haroldhas.info
    sirens.rocks

    ReplyDelete
  34. Thanks for this! The Wally site has got one album and one single of mine listed on it. I wasn't hugely fussed since you can technically get them both for free anyway (or choose to pay) at www.calumsmusic.com

    In a way though it'd be a pity if somebody was looking for my music and found that Wally site instead.

    ReplyDelete
  35. His terms of service are pretty funny. For example:
    xiii. You agree to provide accurate information during the sign up process. You agree to provide Google, Facebook, and Microsoft with all of your personal information. Should any of the aforementioned companies offer a tracking chip implant at some future juncture, you agree to have it surgically installed as soon as possible.
    xvii. You must be fully clothed. Men must wear a jacket and a tie. Women must be wearing a conservative dress or business attire. There will be no exceptions to this policy.
    xx. You must brush your teeth and floss at least twice daily.

    ReplyDelete
    Replies
    1. And I got more questions... Like this site called "sirens.rocks" which provides a torrent within those fake downloads, and I'm quite confused... Is that possible a Gazalle? (what.cd stuff) I mean, in my opinion, that kind of website is really well-disguised to some extent, and I actually wonder if there is a real esoteric way to get an access...

      Delete
  36. thank you 4 the advice, and answering about "sirens.rocks" aply in te same way

    ReplyDelete
  37. Thanks for this. I was trying to solve a different problem, saw the password in a file - and in a moment of incredible stupidity - clicked the fkn link. Fortunately, it hit dead ether. I sort of remember trying this scam out of desperation, trying to locate an album that is so obscure almost nothing Googled except "wally..." I was so impressed it was listed there I thought it must be run by a kindred spirit. The only bright spot in this serial turd of mistakes is that "wally" is either quietly rotting in his mama's basement or he has moved on to new scams.

    ReplyDelete