Fake Porntube Malware - ParetoLogic Forums

Reply

#1

Old

06-25-2009, 10:04 PM

Michael

Michael is offline

Administrator

Join Date: May 2007

Posts: 313

Default

Fake Porntube Malware

I came across yet another fake PornTube site.

portube1

The Whois for that domain is somewhat obscure!

whois

The malicious file comes from another domain (eshymkent.cn), yet on the same IP

graph

The malware file turns out to be a rogue app called Fast Antivirus 2009

portube2

Although this rogue is already known, I am surprised to see the low detection rate on VirusTotal:

Jerome Segura

Malware ID:*d33e766d7fc6a984fe797816cc4af245.zip

Reply With Quote

Reply

« Previous Thread | Next Thread »

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is Off HTML code is Off Forum Rules

Terms of Use