admarketcenter.com have been implicated in the distribution of malvertizements. AdMarketCenter.com - IP: 216.195.62.169 Registrar : Godaddy.com Date created : 15 November 2006 WHOIS Registrant, admin and technical contact: bert_205@hotmail.com hostnames sharing ip with a-records: excursionglobe.com mypussyworld...
I received three separate samples of a mediamate malvertizement today, all with different names. First sample This time it hit googiesindication.com - IP: 217.150.254.47 Registrar : TLDS, LLC DBA SRSPLUS Creation date - 26 November 2007 Registrant, administrative and billing contact : Jon Lod (mail@googiesindication...
Love the title Jesper! http://www.theregister.co.uk/2008/08/22/anatomy_of_a_hack/ Jesper's article includes a description of a browser hijack intended to dump its victim at a fraudware site. It also takes a close look at the fraudware itself - its installation, its behavior after install, and how...
Not confirmed, but suspicious - generated using Fuse:
I received this email a few days ago: Dale's email is certainly worth answering; I'll do my best ;o) Fraudware such as XP Antivirus 2009 (or 2008) and its myriad stablemates does not come in strictly via the Clipbook vector. On the contrary, my opinion is that the clipboard trick is one of their...
Featuring.... Careerbuilder.com... (hits newstat.net, profitabill.com and adverdaemon.com) Skype (hits statsgroup.net, profitabill.com and adverdaemon.com) mediaman (hits statsgroup.net, profitabill.com and adverdaemon.com as well as stats.sellmosoft.net and stats2.reliablestats.com) nielsen and bighip
eosads.com - IP: 216.195.62.169 Registrar: Estdomains (enough said) Date created: 8 February 2007 WHOIS Registrant, admin, technical and billing contact: Daniel Adams (ddarkmaster@gmail.com) hostnames sharing ip with a-records alice-cms.com cstur.com mail.alice-cms.com mail.cstur.com mail.eosads.com...
Thanks to Matt for the heads-up warning that the following domains are implicated in the facilitation of malvertizing and other nefarious behavior... Matt warns us about... paymentforad.com - IP 58.65.237.115 Registrar: TLDS, LLC DBA SRSPLUS Registrant: Serj Moondy (moon.serg@gmail.com) <-- a name...
Thanks to Jurren for the heads up... " Avert Labs is issuing an emergency notice for the 5365 DAT files. The reason for this Emergency DAT release is due to a false detection for New Malware.bm. Known files impacted by this emergency are: Large AutoIT packed files (samples seen have been over 16MB...