Hosts News

Archive for September, 2008

Bogus Adobe Flash Player extension

Posted on September 28th, 2008 by hostsnews

Landing on the following, the visitor is presented with several click-able adult images … that once clicked results in the bogus Adobe Flash Player prompt … Naturally there is no such thing as a “HD H.264 Extension” … however still some people fall for these bogus prompts.The download “AdobeFlashPlayerExt.exe” is detected as: Trojan.Win32.Obfuscated.gx [VirusTotal results] […]

2 Comments »
Filed under: Uncategorized

MVPS HOSTS File Update September-23-2008

Posted on September 24th, 2008 by hostsnews

The MVPS HOSTS file was recently updated [September-23-2008]http://www.mvps.org/winhelp2002/hosts.htm Download: hosts.zip (142 kb)http://www.mvps.org/winhelp2002/hosts.zip How To: Download and Extract the HOSTS filehttp://www.mvps.org/winhelp2002/hosts2.htm HOSTS File – Frequently Asked Questionshttp://www.mvps.org/winhelp2002/hostsfaq.htm Note: the “text” version makes a great resource for determining possible culprits … (604 kb)http://www.mvps.org/winhelp2002/hosts.txt Sign up for HOSTS file update noticeshttp://www.mvps.org/winhelp2002/updates.htm

Comments Off on MVPS HOSTS File Update September-23-2008
Filed under: Uncategorized

A bogus MP3 Audio Codec prompt

Posted on September 16th, 2008 by hostsnews

Landing on the following site the visitor automatically sees a bogus prompt … not only that as you can see in the “Information Bar” a file was automatically downloaded. So users with older browser versions may find themselves infected without any interaction … “download-soft-free4all(dot)net” was only registered yesterday … and hosted at Noc4hosts Inc (Tampa […]

Comments Off on A bogus MP3 Audio Codec prompt
Filed under: Uncategorized

Klikdomains suspended

Posted on September 15th, 2008 by hostsnews

Just days after Security Fix exposed “Klikdomains” and the connection to “VIVIDS MEDIA GMBH” … the following sites were suspended: klikdomains.com – Status:SUSPENDED [whois info]Note: This Domain Name is Suspended. In this status the domain name is InActive and will not function. klikvipsearch.com – Status:SUSPENDED [whois info]kliksoftware.com – Status:SUSPENDED [whois info] However don’t be fooled […]

Comments Off on Klikdomains suspended
Filed under: Uncategorized

Directi and EstDomains continue to suspend thousands of malware sites

Posted on September 12th, 2008 by hostsnews

I have been keeping a close watch on the amount of suspended sites in the MVPS HOSTS file … rescanning everyday lately and removing the sites that no longer return a valid DNS … the number is huge yet again … Strangely enough not all of these domains are related to EstDomains … but who’s […]

2 Comments »
Filed under: Uncategorized

Hundreds more malware domains suspended

Posted on September 8th, 2008 by hostsnews

As I reported the other day about the thousands of suspended domains … it appears that even more domains have been suspended. After I removed the huge list of previously suspended domains from the MVPS HOSTS file … I waited a day or two and rescanned the file to validate the entries. Much to my […]

Comments Off on Hundreds more malware domains suspended
Filed under: Uncategorized

More fallout on the suspended malware sites

Posted on September 5th, 2008 by hostsnews

Knujon News reports “Directi is now severing ties with Estdomains amid complaints that the Eastern European company makes it too easy to register sites that are used by spammers and scammers. “Just the reputation loss and the confusion because of these linkups has been more detrimental to us than the commercial gain from that one-off […]

Comments Off on More fallout on the suspended malware sites
Filed under: Uncategorized

Another fake Security prompt

Posted on September 4th, 2008 by hostsnews

Now this is one (bogus prompt) that you don’t see every day … check the page title … Naturally if you click the (made to look like a Microsoft Security prompt) “click here to get full real-time protection” … yeah right!The only thing you’ll get is a real-time infection … As you can see the […]

Comments Off on Another fake Security prompt
Filed under: Uncategorized

Yahoo hosting Fraudware on their servers

Posted on September 3rd, 2008 by hostsnews

While tracking down several new fake Antispyware sites … I happened to notice the below are all hosted by Yahoo. # [Yahoo via various][68.180.128.0 – 68.180.255.255]68.180.151.16 antivirus-2008.org68.180.151.17 antivirus-2008-noadware.com #[Win32/Adware.PowerAntivirus]68.180.151.16 bestantivirus2009.com #[Win32/Adware.PowerAntivirus]68.180.151.18 officialantiviruslab.com #[Win32/Kryptik.E]68.180.151.18 onlineantivirus2009.com #[Win32/Kryptik.E] VirusTotal result for the download from “antivirus-2008.org” [here]MY AV (NOD32 v3) detects the downloads from the other sites as either […]

Comments Off on Yahoo hosting Fraudware on their servers
Filed under: Uncategorized

InterCage suspends thousands of malware related sites

Posted on September 3rd, 2008 by hostsnews

Only a few days after an article in the Washington Post and a detailed report by HostExploit [PDF] [Video] they (InterCage) have suspended thousands of malware related sites. Which is good news … but it makes you wonder if these sites will simply be transfered elsewhere, or the criminals will just register thousands of new sites […]

4 Comments »
Filed under: Uncategorized

Recent Posts

Recent Comments

Meta