Disney has some explaining to do

Following up on a tip from the Castlecops MIRT Team (Malware Incident Reporting and Termination) about a new entry for mcboo(dot)com. As you can see below this new entry is definately a nasty.

Now what I find disturbing is that I decided to “Google” and see if there were any other new entries that I should add to the HOSTS file. Well, I find the following:



Which redirects to go.com (operated by Disney) … so I checked the DNS of that entry and find it is actually “disney.com” … huh? What in the world is Disney doing associating with the MatCash Family of Trojans?

“Win32/Matcash is a family of multi-component trojans that can be used to download and execute arbitrary files.”

McAfee detects another mcboo entry as Downloader-BCF The question I have is who is “affID=27″?
Is Disney affiliate #27 to the MatCash Trojan Family? … Oh Disney what were you thinking? = Disney Worldwide Services

While still researching the malicious “mcboo(dot)com” entries I find this … look familar? Yeah we’ve seen this malicious trick many many times before (Missing Video Codec) …

And just who is involved in this latest Trojan.Codec scam? … you guessed it “mcboo(dot)com) …

So just what relationship does Disney (go.com) have with these smut peddlers, because “waverevenue(dot)com” is a hard-core porn site … Oh Disney what were you thinking?

Leave a Reply

Network-wide options by YD - Freelance Wordpress Developer