Archive for October, 2007

Out of touch lately

Sorry for the lack of posting lately … below is what my daughter woke up to Monday morning … [story here] Thankfully no one was hurt, but she lost the majority of her belongings … although insured it sure causes havoc in your life when you have no place to live and no clothes to wear. […]

Another nasty Spamdexing site

Spamdexing sites have become extremely dangerous … usually these type sites lead to an adult site or “Fake Codec” site.However the following not only tries to load a Rogue/Suspect Anti-Spyware Product, this one comes with a nasty payload. Notice there are several redirects, and the entry highlighted in red which produces the “Remote Data” prompt … […]

What is wrong with the FTC?

This recent news article “Two Men Get Five Years For Sending Pornographic Spam” gets lots of coverage, which is fine and the culprits got what they deserve. However the FTC announced on Oct. 1 – “FTC Permanently Halts Media Motor Spyware Scam” which if you really look at the details of the settlement … you have […]

NOD32 gets a work-out

Going thru the many databases I use for malware research, my Antivirus NOD32 gets a good work-out … The above is just from the last several weeks … naturally the vast majority of these malware sites get added to the HOSTS file. That’s why it’s so important to keep your HOSTS file current … armed […]

MVPS HOSTS File Update 10-10-07

The MVPS HOSTS file was recently updated [10-10-07]http://www.mvps.org/winhelp2002/hosts.htm Download: hosts.zip (144 kb)http://www.mvps.org/winhelp2002/hosts.zip How To: Download and Extract the HOSTS filehttp://www.mvps.org/winhelp2002/hosts2.htm HOSTS File – Frequently Asked Questionshttp://www.mvps.org/winhelp2002/hostsfaq.htm Note: the “text” version makes a great resource for determining possible culprits … (625 kb)http://www.mvps.org/winhelp2002/hosts.txt Sign up for HOSTS file update noticeshttp://www.mvps.org/winhelp2002/updates.htm

Attack of the WinFixer Clones

Lately there has been a huge increase in the WinFixer affiliates/clones … although these clones go to great lengths to hide their true idenity, you can sniff them out if you know where to look … WinFixer is run by “Innovative Marketing” and their main distrubtion host is SetupAHost based in Canada, although WinFixer also […]

How long does it take to setup a malicious site?

Looks like you can register your site and start serving up malware all in the same day. First you set up a bunch of throw-away sites to use for Spamdexing, then you post a huge amount of links which leads to: “freeclipoftheday(dot)com” was registered today (Upl Telecom S.r.o) using PrivacyProtect to hide their identity … […]