[Michael]

Sometimes spending the extra work hours pays off. Actually I kind of get into a groove after searching and things come easily... that is until my wife phones me up!

Anyway, I was investigating a site and checked its source code for anything of interest.

There was a strange link pointing to a gif file that I decided to follow.



It took me to this page, a nice little repository of malicious pages pushing fake video codecs:

oymoma-tube.freehostia.com



As you can see, some of the pages have just been updated today, while others are a little older.

Here are some examples of the pages hosted there. They also have redirect links to other malware sites.





Jerome Segura

And for our partners, I've uploaded to our FTP share some of the samples I could grab.

Malware ID:*0d23a0aa75658d81698c727261503628.zip

Malware ID:*6d3b3cd07df5db7f4512a503ace750ac.zip

Malware ID:*da3f8fc504e1a640fbc0ae8da568dec7.zip

Malware ID:*ee222a68e35225115a1dceac34026ab6.zip