MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.

7.8.09

A recent tour of scareware XII

Considering that the best way to prevent threats is to know them, we provide this new set of domains, along with their respective IP addresses, committed to spread malicious code scareware type, also called rogue.

As always, the aim of showing these addresses is to be able to block them through mechanisms that are ordinarily used.

It should be noted that this list represents only a very small proportion of the total volume of malware of this kind that daily bombard the web.


PC Security 2009
IP: 72.52.210.131, 72.52.210.132, 72.52.210.133
United States United States Lansing Liquid Web Inc
Domains associated
pcsecurity09.com, pc-security09.com, pcsecurity-09.com, pcsecurity09.com, pcsecurity-2009.com



Home Antivirus 2010
MD5: 30d09989020fcb8f12a1aa3f87b4efa9
IP: 72.52.210.131, 72.52.210.132, 72.52.210.133
United States United States Lansing Liquid Web Inc
Domains associated
homeantivirus2010.com, home-anti-virus2010.com, homeantivirus-2010.com, home-antivirus-2010.com, homeanti-virus-2010.com, home-anti-virus-2010.com, homeav2010.com, home-av2010.com, homeav-2010.com, home-av-2010.com

Result: 22/41 (53.66%)

hotlife.us/mediastream/components/SecureLiveVideo.exe (67.212.162.250) - United States Singlehop Inc
rundaqimao.com/1/installer/Installer.exe?u=1025&...t=2 (74.222.134.20) - United States Orange Vpls Inc. D/b/a Krypt Technologies
od32qjx6meqos.cn/ue.php (220.196.59.23) - China United Network Communications Corporation Limited
nextantivirusplus.com/install/AntivirusPlus.grn (195.95.151.176) - Ukraine Kiev Eastnet-ua-net
explorersecurityhelper.com/block.php (83.133.123.113) - Germany Lncde-greatnet-newmedia
http://downloadsoftwareserver4.com/xpdeluxe.exe (89.248.168.79) - Netherlands As29073 Ecatel Ltd

antivirus-quickscanv5.com, antivirusonlinescanv9.com, antivirusscannerv9.com, fastvirusscanv6.com, firstspywarescannerv1.com, folder-antivirus-scanv1.com, mysafecomputerscan.com, onlineantispywarescanv6.com, onlineantivirusscanv4.com, personalfolderscanv2.com, personalonlinescanv3.com, privatevirusscannerv8.com, securefolderscannerv6.com, t370.hc-server.com, totalsecurityscannerv3.com (83.133.126.155) - Germany Lncde-greatnet-newmedia

212.117.174.14/racing.exe, clean-pc-now.net, clean-pc-now.org, fast-spyware-cleaner.com, fast-spyware-cleaner.net, fast-spyware-cleaner.org, free-spyware-checker.org, free-spyware-cleaner.com, free-spyware-cleaner.net, kill-spyware-now.org, scan-pc-now.com, scan-pc-now.org, spyware-killer.biz, spyware-scaner.com, spyware-scaner.net, spyware-scaner.org (212.117.160.18) Result: 4/41 (9.76%) - Luxembourg Root Esolutions
core2623.racingmoney-0110.com/d_program_all.cgi?host=host&id=0 (95.169.190.147) Descarga el binario PC_Protect.exe - Russian Federation Keyweb Online Limited Ip Network

PC Antispyware 2010
MD5: 30d09989020fcb8f12a1aa3f87b4efa9
IP: 174.139.243.46, 174.139.5.51, 216.86.144.130, 174.139.243.42, 174.139.243.43, 174.139.243.45, 209.31.180.232, 209.31.180.233, 209.31.180.235, 209.31.180.234, 209.31.180.237, 209.31.180.240
United States United States Chicago Nozone Inc
United States United States Orange Vpls Inc. D/b/a Krypt Technologies
United States United States Austin Supporting Act Technologies Llc
Domains associated
pc-anti-spyware-20-10.com, pcantispyware2010.com, pc-antispyware-2010.com, pcanti-spyware-2010.com, pc-anti-spyware-2010.com, pcantispyware20-10.com, pc-antispyware20-10.com, pcantispyware-20-10.com, pcantispyware-2010.com, pc-antispyware-20-10.com, pc-anti-spyware2010.com, pc-anti-spyware20-10.com, pc-antispy2010.com, p-c-anti-spyware-2010.com

Result: 22/41 (53.66%)

Windows System Suite
IP: 64.213.140.69
United States United States Global Crossing
Domains associated
fastantivirpro.com, malwarecatcher.net, mykeepplace.net, pay2.malwarecatcher.net, pay2.malwaresdestructor.com, prestotuneup.com, safe-pay-vault.com, trustshields.cn, update2.virusshieldpro.com, update2.windowspcsuite.com, update2.windowssystemsuite.com, virussweeper-scan.net
websystemsec.info, windowsprotectionsuite.com, windowssystemsuite.com, www.fastantivirpro.com, www.malwarecatcher.net, www.prestotuneup.com, www.protectsystem.info, www.virussweeper-scan.net

UnVirex
MD5: c20478d4f1b10d40831dd3d4cf9ba7a0
IP: 195.2.253.43
Russian Federation Russian Federation Madet Ltd
Domains associated
unvirex.com



Result: 30/41 (73.17%) 

Related information this Blog
Una recorrida por los últimos scareware XI
Una recorrida por los últimos scareware X
Una recorrida por los últimos scareware IX
Una recorrida por los últimos scareware VIII
Una recorrida por los últimos scareware VII
Una recorrida por los últimos scareware VI
Una recorrida por los últimos scareware V
Una recorrida por los últimos scareware IV
Una recorrida por los últimos scareware III
Una recorrida por los últimos scareware II
Una recorrida por los últimos scareware

Jorge Mieres

0 comentarios:

Post a Comment

Subscribe to: Post Comments (Atom)