hxxp://adultsvideo.cn/Unsuspecting users wanting to view the adult videos are tricked into downloading and installing the fake codec.
The fake codec can be downloaded from this url:
hxxp://freebigutilites.com/ActiveX-Video-Codec.45092.exeThe server spits out files that have different MD5s each time.
ThreatExpert report here
Update:
Here's another site that purports to host "Free Full Lenght Movie" porn clips and uses fake video codecs in order to lure unsuspecting users into downloading and installing their rogue antivirus software:
hxxp://freeanalsextubemovies.com/video1483/porn/Clicking anywhere on the video screen area gives us the following link to a file named video.exe:
hxxp://homeamateurclips.com/video/video.exeWhich is a fake antivirus software under the Security Tool family of Fake AVs.
No comments:
Post a Comment