Tuesday, September 29, 2009

Access America CardMember Leads to Rogue Antivirus

America Bank Card Member:

Access America Bank Cardmember Access america bank cardmember Bank of america no annual fee es credit cards - compare bank of america access to special cardmember offers from american express to save on shopping, dining, travel.

When you type "Access America CardMember" into Google search, some of the results appear with a red icon (mywot). : )



Below are a few sites rated "red" by mywot:

hxxp://ckxaq.myip.hu/access-af5/undof.html
hxxp://1st-bank.vubujoj.345.pl/rsutharene.html
hxxp://banking-and.podomab.osa.pl/dowald.html
hxxp://bank-commercial.hegupah.osa.pl/jonfonghord.html
hxxp://swift-code.jepogop.bij.pl/ithexign.html



Well... that is the content. In fact, a script runs in the background when you browse to these websites and redirects to rogue antivirus pop-up messages warning users that their system has been infected with malware and must be cleaned. Users are then prompted to download fake antivirus software.
"installer.90001.exe" md5: edf88a11fd44f1955180f34be24c5dd9




Virustotal Result:

Detection for the rogue antivirus is very low.



IP address: 91.213.29.250

Domains sharing the same IP address:


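The shared-IP pivot above, turned around for defenders as an added example (not code from the original post): it groups resolver log entries by answer IP, collapses mail./www. hostnames to their registered domain, and flags IPs that many unrelated domains point to, along with the clients that looked them up. The log format, function names, threshold and all sample names and addresses are constructed assumptions.

```python
from collections import defaultdict

# Constructed resolver log: "<timestamp> <client> <queried name> <answer IP>".
# Names use reserved TLDs and RFC 5737 addresses; none are taken from the post.
SAMPLE_LOG = """\
2009-09-29T10:00:01 10.0.0.5 gaxolu.test 192.0.2.50
2009-09-29T10:00:02 10.0.0.5 www.gaxolu.test 192.0.2.50
2009-09-29T10:00:09 10.0.0.7 mail.gebiwo.test 192.0.2.50
2009-09-29T10:01:13 10.0.0.7 ihuzop.test 192.0.2.50
2009-09-29T10:02:40 10.0.0.9 www.intranet.example 198.51.100.10
2009-09-29T10:02:41 10.0.0.9 mail.intranet.example 198.51.100.10
truncated line
"""

def parse(log_text):
    """Yield (client, name, ip) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) == 4:
            yield fields[1], fields[2].lower().rstrip("."), fields[3]

def registered_domain(host):
    """Collapse a hostname to its last two labels (assumes single-label TLDs)."""
    return ".".join(host.split(".")[-2:])

def suspicious_ips(log_text, min_domains=3):
    """Return {ip: sorted registered domains} for IPs shared by many domains."""
    groups = defaultdict(set)
    for _, name, ip in parse(log_text):
        groups[ip].add(registered_domain(name))
    return {ip: sorted(doms) for ip, doms in groups.items()
            if len(doms) >= min_domains}

def exposed_clients(log_text, flagged_ips):
    """Return sorted clients that resolved any name pointing at a flagged IP."""
    return sorted({client for client, _, ip in parse(log_text)
                   if ip in flagged_ips})

if __name__ == "__main__":
    flagged = suspicious_ips(SAMPLE_LOG)
    for ip, domains in flagged.items():
        print(ip, "hosts", len(domains), "domains:", ", ".join(domains))
    print("clients to review:", exposed_clients(SAMPLE_LOG, flagged))
```

Shared hosting and CDNs also put many domains on one IP, so treat a hit as a lead to triage rather than a verdict.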