MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.


A recent tour of scareware III

Malicious code scareware type (or rogue) will not cease to methodologies of infection. Every day I find new malicious programs of this type, and many of them are clones of other not limited to the most widely used platform (Windows) but many of them are focusing their efforts on attacking other platforms like Mac every time earn more fans.

In recent days have reported many cases, including:

Cleaner 2009
MD5: 58f4cae88de364d7a16d43f123d13cf8
Netherlands - Netherlands - Ion
Platform: Windows
Associated domains:
cleaner2009solution. com
Antimalwaresuite2009. Com
VT Report: 9/ 38 (23.69%)

Antivirus 2009 Sys
MD5: 29c306e8b9791a919d6ccdd4d67b483b
Latvia Latvia - Zlkon
Platform: Windows

Associated domains:
sysantivirus2009. com

Antivirusnano. Com

VT Report: 19/ 39 (48.72%)

System Guard 2009
MD5: b32d763e5885a2d8520a47985a38dd8c
Ukraine Odessa Ukraine Renome-Service: Joint Multimedia Cable Network
Platform: Windows

Associated domains:

systemguard2009m. com

systemguard2009. com
sgviralscan. com sgproduct. com sgproductm. com getsgd3. com getsysgd09. com sg10scanner com sg11scanner. com sg12scanner. com sg9scanner. com sgonlinescan. com
VT Report: 8/ 39 (20.51%)

AntiSpyware Bot
MD5: caed5dde32e78f4e86792fe830ac1f6e
United States United States - Dallas - Internet Services Inc
Platform: Windows

Associated domains:
2Square. Com
errorsweeper. com

privacycontrol. com
regclean. com
www.antispywarebot. com
VT Report: 13/ 39 (33.34%)

Antivirus XP Pro
MD5: 161e8f7aac8c7ffb9f94dba38125bd75
Russian Federation Russian Federation - Netplace
Platform: Windows
Associated domains:
Allsupertubesonl. Com

Antivirusxppro2008. Com

Antivirusxppro2009. Com

VT Report: 19/ 37 (51.36%)

IE Security

MD5: c2c79c4dbcda629f6422623a4e334840

IP: 216,240,151,135
United States United States - Los Angeles - Atmlink Inc
Platform: Windows
Associated domains:
ie-security. com
Megavidon. Cn
Secured-software-order. Com
ie-security-config. com
webfreescan. cn

VT Report: 22/ 39 (56.42%)

WinDefender 2009
MD5: e3940a9e664dd80428803a09b27d3c0e
Latvia Latvia Ultranet
Platform: Windows
Associated domains:

VT Report: 18/ 39 (46.16%)

WinDefender 2009 is a clone of IE Security.

Internet Smart Security
MD5: 597d74008fbf3540649a71415f719c73
IP: 199,238,181,161
United States Colorado - Englewood - Ntt America Inc
Platform: Windows
Associated domains:

Intelinet-global. net
www.intelinet-global. net
VT Report: 17/ 39 (43.59%)

Total Defender
MD5: 8bcb981220d0145621a88c4881a6d2d2
Latvia Latvia - Zlkon
Platform: Windows

Associated domains:

rusexportal. com

total-defense. com

Webfreefind. com
VT Report: 23/ 39 (58.98%)

Police Antivirus XP

MD5: 8b4e351b819eacf152938cf3f58b5c43
IP: 216,240,151,134
United States California - Los Angeles - Atmlink Inc
Platform: Windows

Associated domains:
asvpay. com

configupdatestart. com
lickmydicktube. com mybestelitemovies. com ruler-cash. com ruler-stat. com spy-partners. com xp-police. com
VT report: 28/ 39 (71.8%)

XP Protection Center
MD5: cab283aab0df5d0b102a41a5c42317d5


United States United States - Beyond The Network America Inc
Platform: Windows

Associated domains:

xp-protection-center. com

xpp-center. com

xppcenter. com
VT Report: 37/ 39 (94.88%)

MD5: 02175c605820cffa4c2fdf8a162e7300


Ukraine Ukraine - Individual
Platform: Mac

Associated domains:

imunizator. net

VT Report: 3/ 39 (7.7%)

More in attacking Mac systems through security tool falas

Antispy Knight
MD5: ef7e0a364cb352a9d9aa5a3b83e2ad51
Latvia Latvia - Baltconn-net
Platform: Windows
Associated domains:
antispyknight. biz
VT Report: 11/ 39 (28.21%)

Related information
A recent tour of scareware II
A recent tour of scareware

Jorge Mieres

0 comentarios:

Post a Comment