pornqaz.com
uinsex.com
qazsex.com
sexwhite.net
lightporn.net
xeroporn.com
brakeporn.net
sexclean.net
delfiporn.net
pornfire.net
redcodec.net
democodec.com
turbocodec.net
gamecodec.com
blackcodec.net
xerocodec.com
ixcodec.net
codecdemo.com
ixcodec.com
citycodec.com
codecthe.com
codecnitro.com
codecbest.com
codecspace.com
popcodec.net
uincodec.com
xhcodec.com
stormcodec.net
codecmega.com
whitecodec.com
jetcodec.com
endcodec.com
abccodec.com
abccodec.com
codecred.net
cleancodec.com
herocodec.com
nicecodec.com
DVDaccess's pitch : "DVDaccess is a multimedia software that allowa access to Windows collection of multimedia drivers and integrates with any application using DirectShow and Microsoft Video for Windows. DVDaccess will highly increase quality of video files you play. DVDaccess enhances your music listening experience by improving the sound quality of video files sound, MP3, internet radio, Windows Media and other music files. Renew stereo depth, add 3D surround sound, restore sound clarity, boost your audio levels, and produce deep, rich bass sounds."
Scanner results : 39% Scanner (14/36) found malware!
File Size : 74823 byte
MD5 : 30965fdbd893990dd24abda2285d9edc
SHA1 : 53eacbb9cdf42394bd455d9bd2275f05730332f7
Why are the malicious parties so KISS oriented at the end of every campaign, compared to the complexity and tactical warfare tricking automated malware harvesting approaches within the beginning of the campaign? Because they're not even considering the possibility of proactively detecting the output of the many other malware campaigns to come, which will inevitable be ending up to these very same domains serving a single Zlob variant. Just like the recent massive IFRAME attacks, where in between the live exploit URLs and rogue security software, the end users were redirected to DVDaccess as well. In fact, the massive IFRAME attack campaign was, and continues to redirect to one of the domains in the portfolio I've just provided you with.
No comments:
Post a Comment