Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91983 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Slew Of Rogue Anti-Spyware Pushing Sites


  • Please log in to reply
No replies to this topic

#1 TeMerc

TeMerc

    MalwareBytes

  • Visiting Fellow
  • PipPipPipPip
  • 626 posts

Posted 14 December 2005 - 06:47 PM

Sunbelt blog has uncovered a few new sites pushing rogue anti-spyware tools, such as SpyAxe and Winfixer, both known around the security forums and listed on Rogue \Suspect Anti-Spyware list among many others.

Read links below for details:

It's a security scam party, and this is one party you don't want to crash

Patrick and Adam found a bunch more of these “security scam” sites.

IPs below, feel free to put these in your block lists.

Newly found sites

Mattie Muirhead
Florence, AL US
wm @ needupdate[dot]com
85.255.115.174 dns404[dot]net
85.255.115.130 needupdate[dot]com
85.255.115.173 yoursystemupdate[dot]com
85.255.115.172 systemwarning[dot]com

Mag Dicacik
Praha, CZ
mag @ sexpicporn[dot]com
85.255.115.172 securitywarnings[dot]net

Sites already known

Henn Preson
Stockholm, SE
henn @ teeeen[dot]com

85.255.115.130 Warningmessage[dot]com
85.255.115.131 syserrors[dot]com

Mag Dicacik
Praha, CZ
mag @ sexpicporn[dot]com

85.255.115.131 notfound404[dot]com
85.255.115.132 Updateyoursystem[dot]com
85.255.115.170 securityerrors[dot]com
85.255.115.179 hdnsservidce[dot]com
85.255.115.180 downldboost[dot]com


Full Read @ Sunbelt Blog

============================================
Wondering how people get to these bogus security sites and download junk like SpyAxe?

Our spyware researchers have been investigating Vcodec.com. This is a site that has a program called “VCodec v3.05b is new generation multimedia compressor/decompressor which registers into the Windows collection of multimedia drivers...”

Full Read @ SunbeltBlog


============================================
And another:
SunbeltBlog

    Advertisements

Register to Remove

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users