I am once again getting a wave of right-wing spam SMSes from Hillsdale College (purportedly). Are they actually letting their institution’s name be attached to political spam? I realize there are all kinds of super gross things about Hillsdale as an institution, but even so, I’d think the institution would want to preserve some shred of self-respect, or at least try to keep up appearances.

The spam links are all the domain rght.io followed by 6-character alphanumeric codes, such as:

rght.io/jjne75
rght.io/ip0l3b
rght.io/646anh
rght.io/aem0ai
rght.io/8gplnp
rght.io/mncl8i
rght.io/eo556l
rght.io/15bk46
rght.io/igd8ga
rght.io/pp2ggf

(Those are random examples, I don’t want them validating my number; I just want to send the typical Fedi server traffic their way.)

I haven’t investigated the domain, server, etc. at all, but if anyone is inspired…have at it!

Leon P Smith

@inthehands I'm getting 302-redirected to not-found.domain.

I'm guessing if you put in the actual links they sent you, you'd get redirected elsewhere. Sketchy as hell.

@leon_p_smith
Guess we’d better try all the combinations then!

@inthehands Yeah I don't know what their kind of saturation of the space might be, to estimate how many URLs you'd have to try to have a reasonable chance of finding one that does something other than try to fake the non-existence of the domain.

Waaayyy more effort than what I'm willing to try, though.

@inthehands But like, that's presumably less than 2.2 billion URLs to try, so it would be doable, at least if you do it slowly with a distributed indexer.

On the other hand, this feels like a fairly low-effort redirector site, so the chance might be good that you could just crawl it over the course of a few days from a small number of computers. Though if I were ethically compromised enough to build such a site, I'd probably try to identify scrapers and replace active URLs with redirects.

And... assuming they are sending a unique code upon every SMS text, you shouldn't have to go looking for long before you find something interesting. I'd guess you wouldn't need more than a few hundred URLs, tops.

Of course, they could recycle their URLs and replace them with sketchy redirects after some period of time, say a week or three, which means the number of active URLs could be much closer to their recent spam activity. In that case, I'd guess you might have to try a few thousand URLs before you find one that is interesting.