SpyFalcon, a nightmare rebranded

Full Source

Last time we wrote about a rebrand of SpyAxe called SpywareStrike, this time we alert you to SpyFalcon courtesy of Sunbelt-Software. First, if you think you’re infected, read our removal tutorial on the whole SpyAxe issue. And there is an interesting twist… the webhost provider is dishing out the WMF Exploit!

This domain was registered on 16-Jan-2006 by David Taylor under the guise of SunShine Ltd. It uses the “ANTISPYDNS.BIZ” domain for its DNS traffic. The domain is hosted by NetcatHosting who owns its IP: What is interesting even more about the netblock is this