Home > ParetoLogic Blogs > Malware Diaries > Another fake codec Mac and PC
Reply
 
Thread Tools Display Modes
  #1  
Old 06-22-2009, 08:18 PM
Michael Michael is offline
Administrator
Join Date: May 2007
Posts: 313
Default Another fake codec Mac and PC
As I was just finished with the fake Brazzers site, my investigation took me to another very interesting path.

The following IP:*61.235.117.88 from China, hosts malware:

caaaqjnn

The domain*celebnudestars.net pushes PC and Mac Trojans:

brazzers021

The Mac sample is yet again totally undetected:

brazzers03

The PC sample will change your Desktop wallpaper to this:

brazzers04

and install a rogue, System Security:

brazzers05

Stay clear off those sites!

Jerome Segura
Reply With Quote
  #2  
Old 06-24-2009, 11:07 AM
stevejoblard stevejoblard is offline
Junior Member
Join Date: Jun 2009
Posts: 3
Default The mac variant is already detected...
... but not by the Windows specialized AV on virustotal!

VirusBarrier from Intego already detects it with the name OSX/RSPlug.K

This troyan may be downloaded on basic game sites too: Blog Intego
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


Terms of Use