Powered by Blogger.
RSS

Historical OSINT - Massive Blackhat SEO Campaign Spotted in the Wild Drops Scareware

It's 2010 and I've recently intercepted a currently active malicious and fraudulent blakchat SEO campaign successfully enticing users into interacting with rogue and fraudulent scareware-serving malicious and fraudulent campaigns.

In this post I'll profile the infrastructure behind the campaign and provide actionable intelligence on the infrastructure behind it.

Sample URL redirection chain:
hxxp://noticexsummary.com/re.php?lnk=1203597664 - 87.255.55.231
- hxxp://new-pdf-reader.com/1/promo/index.asp?aff=11677 - 66.207.172.196
= hxxps://secure-signupway.com/promo/join.aspx?siteid=3388

Related malicious domains known to have participated in the campaign:
hxxp://noticexsummary.com/

Related malicious domains known to have participated in the campaign:
hxxp://online-tv-on-your-pc.com/p2/index.asp?aff=11680&camp=unsub

We'll continue monitoring the campaign and post updates as soon as new developments take place.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS