Yahoo hosting Fraudware on their servers

While tracking down several new fake Antispyware sites … I happened to notice the below are all hosted by Yahoo.

# [Yahoo via various][ –] #[Win32/Adware.PowerAntivirus] #[Win32/Adware.PowerAntivirus] #[Win32/Kryptik.E] #[Win32/Kryptik.E]

VirusTotal result for the download from “” [here]
MY AV (NOD32 v3) detects the downloads from the other sites as either “Win32/Adware.PowerAntivirus” or “Win32/Kryptik.E

As you can see the above is a typical fraudulent fake Antispyware that attempts to infect your machine … nothing new there … but hosted at Yahoo? Makes you wonder who’s asleep at the wheel over there? …

These all fall within the IP block assigned to Yahoo ( –
The above sites all have the same “page title” (International Virus Research Lab) and contents, etc …

Comments are closed.