Archive for March, 2008

Spamdexing and another YouTube look-alike

A little background … I have this blog set to “Approve” most content that is added via the “Comments” link. Now I usually get a few Spam entries that I simply ignore … but this one caught my eye and I thought I’d follow the link posted to see where it went … Notice the content […]

Watch out for the coordinated attack

Landing on the following site not only gets you a Codec/Zlob prompt, but my AV (NOD32 v3) jumps up and announces there is also an IFrame attack (JS/TrojanDownloader.Psyme.AAW) from several sites … Although unusual for several exploits to be on the same (Codec) site … it’s nothing new … as you can see below you […]

Follow-up on Comodo and XpAntivirus2008

The other day I reported that Comodo had revoked all certificates issued to WinFixer/SetupAHost … as you can see below this is the report IE displays when the error occurs … kudos to Comodo! … Sandi has another example here … Now to follow up on XpAntivirus2008 that I wrote about … looks like they have been […]

Comodo kicks SetupAHost to the curb

Good news gang … I was informed by Comodo that they have revoked all certificates issued to the WinFixer/SetUpAHost … I know it’s only a small victory but it causes them to look elsewhere, and I’m sure it won’t take them long to establish another bogus setup … In other related news … remember how […]

Beware of YouTube look-alikes

Following up on an email tip from John who states “while reading comments on digg.com i came across this site” … Well sure enough it looks like Digg is the latest recipient of malicious Spamdexing … Although the text states “Real video on YouTube” … look closely at the link … which is not YouTube but clearly […]

Another new Codec site

Following up on an email tip from Kathi H … we land on the following … “Your Player is inactive” ??? what in the world kind of message is that? … surely you can think up a better one than that … As you can see there are several culprits involved … the download is […]

Another WinFixer clone using Comodo

Landing on the below site the visitor is presented with yet another fake scan from a known Rogue product … Symantec describes this as “The program reports false or exaggerated system security threats on the computer” … When I clicked the link to [sic] purchase the product … as you can see this is another “WinFixer/SetupAHost” […]

MVPS HOSTS File Update [MAR-09-2008]

The MVPS HOSTS file was recently updated [MAR-09-2008]
http://www.mvps.org/winhelp2002/hosts.htm

Download: hosts.zip (151 kb)
http://www.mvps.org/winhelp2002/hosts.zip

How To: Download and Extract the HOSTS file
http://www.mvps.org/winhelp2002/hosts2.htm

HOSTS File – Frequently Asked Questions
http://www.mvps.org/winhelp2002/hostsfaq.htm

Note: the “text” version makes a great resource for determining possible culprits … (661 kb)
http://www.mvps.org/winhelp2002/hosts.txt

Sign up for HOSTS file update notices
http://www.mvps.org/winhelp2002/updates.htm

ZDNet Asia and TorrentReactor Compromised

Looks like both sites have been compromised by a malicious IFrame … [details here] what happens is you get redirected to yet another Rogue Antispyware (xpantivirus2008) … Naturally these are bogus results since no scan really occurred … however this is a new avenue of attack and hopefully these compromised sites will get things cleaned up […]