Fake Porntube Malware

June 25th, 2009

I came across yet another fake PornTube site.

The Whois for that domain is somewhat obscure!

The malicious file comes from another domain (eshymkent.cn), yet on the same IP

The malware file turns out to be a rogue app called Fast Antivirus 2009

Although this rogue is already known, I am surprised to see the low detection rate on VirusTotal:

Jerome Segura

Malware ID: d33e766d7fc6a984fe797816cc4af245.zip

This entry was posted on Thursday, June 25th, 2009 at 1:04 pm and is filed under Fake codecs, Rogue software. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Comments:

(0) comments
|
Add your comments