A double-wammy fake PornTube site

Landing on the following site not only prompts you with a fake “video decoder” … look at the fake Antivirus scanner that tries to trick the visitor into thinking they are infected … well you will be if you click either of these …

As usual this download is not very well detected … VirusTotal results here … ThreatExpert has a detailed report of what happens to your machine should you become infected … this one is very nasty!

“vidsxxxtube. com” redirects the download (3913181.exe) to a IP address – detected as “Win32/Adware.IeDefender.NIC”
“xp-police-av. com” (fake scanner) is detailed in the ThreatExpert report above …

Although the Registrars and Hosting services shutdown hundreds of these type sites each week … it seems that even more pop-up to take their place. As usual it’s all about the almighty $$$ … these Registrars charge these culprits for registering, then shut them down several weeks later … only to claim that they are doing their part to combat the spread of malicious sites … yeah right! … then why do they continue to do business with the same culprits over and over? = $$$



Comments are closed.