Una recorrida por los últimos scareware XV
Nueva ola de scareware que corre en Internet. Como aclaro en cada una de las entradas de esta serie, la lista que componen las presentes URL's y direcciones IP representa tan sólo un porcentaje menor, muy pequeño, del impresionante caudal de IP's y dominios que día a día propagan este tipo de malware.
MicroVaccine
MD5: 96a2cfdb534b547518a446a48150624eIP: 218.38.15.85
Korea, Republic Of Seoul Hanaro Telecom IncDominios asociados
clear-pc.net
microvaccine.net
vaccine2009.com
virusbye.net
Result: 24/41 (58.54%)
Omega AntiVir = Windows System Suite
IP: 64.86.16.161
Canada Brampton VelcomDominios asociados
omegaantivir.com
trustshields.cn
update1.omegaantivir.com
Contraviro
MD5: 8b1555ab8de5f4884e95e72d1755c984IP: 195.2.253.44
Russian Federation Madet LtdDominios asociados
antiviruscontraviro.com
contraviro.com
securedpaymentprocessor.com
Result: 7/41 (17.07%)
Soft Safeness = Save Defender = Trust Warrior
IP: 83.233.30.66, 91.212.127.131
Sweden Stockholm Serverconnect I Norrland
United Kingdom Telos Solutions LtdDominios asociados
mail.safetykeeper.com, mail.savekeeper.com, mail.softsafeness.com, ns1.safetykeeper.com, ns1.savekeeper.com, ns1.softsafeness.com, ns2.mitrokili.com, ns2.mredkizerut.com, ns2.ofcilamed.com, ns2.propinutrek.com, ns2.sdrukap.com, ns2.vcerukam.com, ns2.vderuwerol.com, ns2.vredupotre.com, ns2.vtromik.com, softsafeness.com, www.safetykeeper.com, www.softsafeness.com
MicroV3
MD5: 783385a90259131a89da62d10df67fa6IP: 220.73.161.54
Korea, Republic Of Seoul Thrunet Co. LtdDominios asociados
cocoda.co.kr, dvccode.com
i-viewtec.com, microv3.com
newocn.net, phoneboja.com
rich09.com, samsung77.com
www.cocoda.co.kr
Result: 22/41 (53.66%)
malwareurlirblock.com/1/ (83.133.125.116) -
Germany Lncde-greatnet-newmediawindows-protectionsuite.com (206.53.61.75) -
Canada Thornhill Rcp.netantivirus-plus09.com/install/avplus.exe (195.95.151.176) -
Ukraine Kiev Limited Corpwindows-shield.com, adware-finder.com, av-safety.com, avidentify.com, avir-guardian.com
avir-protect.comaviraplatinum.com
aviremover.com
aviremover2009.com
avirguardian.com
avremoverpro.com
awareprotect.com
awareremover.com
epcsecurity.com
esysprotect.com
intsecurepro.com
intsecureprof.com
oemantivir.com
osadwarekill.com
osawarepro.com
scanforspywarenow.com
virusermoverpro.com
viruskill2009.com
wins-guard.com
www.avir-guardian.com
www.avir-protect.com
www.esysprotector.com (91.206.201.8) -
Ukraine Pe Sergey Deminscareware-killer.com (213.155.22.193) -
Ukraine Tehnologii Budushego Llcwindowsprotection-suite.net (64.213.140.68) -
United States Global Crossingsmogcatalog.info/scan/vds.php (64.27.5.63) -
United States Yucca Valley Airlinereservations.com Incweragumasekasuke.com/10580532 (204.12.219.133), vuilerdomegase.com/10580532 (204.12.219.132), vulertagulermos.com/10580532 (204.12.219.131), scukonherproger.com (204.12.219.149) -
United States Kansas City Wholesale Internet Incluxmediacodec.com/av-scanner.0.exe (64.191.53.230) -
United States Scranton Network Operations Center Inceasynettest.com/install/ws.exe (62.90.136.237) -
Israel Haifa Barak I.t.cynoubfa.cn/?uid=186&pid=3&ttl=41a4951046e (64.86.25.201), trustsystem-protect.com, online-scanandsecure.net - (64.86.16.119) -
Canada Brampton Velcomwinfixscanner1.com/download/Soft_21.exe, delete-all-virus09.com (213.163.89.60) -
Netherlands Rotterdam Telos Solutions Ltdlakrapi.com/1/antivirus_pro_2009_v3.18.exe (87.118.118.246) -
Germany Erfurt Keyweb Ag Ip Networkyourcomp.us/antivirus_setup.exe (91.212.198.152) -
Russian Federation Individual Retailer Nevedomskiy A AProof Defender 2009
IP: 76.76.101.85 United States Portland Donald WildesDominios asociados
defender-2009.com
ns1.pdefzone.com
ns2.pdefzone.com
proofdefender.com
proofdefender2009.com
www.pdefender2009.com
www.proofdefender.com
System Cleaner
IP: 69.64.33.242 United States Lancaster Hosting Solutions International IncDominios asociados
brand-supplier.net, brands-house.com, brands-house.net, brands-sales.com, brands-vendor.com, brands-vendors.com, brands-vendors.net, discounts-shop.net, discounts-store.com, doctroshield2009.com, fashion-vendors.com, fashion-vendors.net, firstantivir2009.com, firstprotection2009.com, kicks-buy.com, kicks-buy.net, kicks-discount.com, kicks-discount.net, kicks-discounts.com, kicks-discounts.net. kicks-mall.com, kicks-shop.com, kicks-stock.com, kicks-supplier.com, kicks-vendors.com, kicks-vendors.net, liveantivir.com, liveprotectpro.com, luxury-mall.com, luxury-stock.com, myantivirus2009.com, mypharmshop.com, myprotectsuite.com, onguardsoft.com, onlineantivirpro.com, own-shoes.com, own-shoes.net, psp-shop.com, sneakers-buy.com, sneakers-sale.com, sneakers-sales.com, sneakers-stock.com, watches-supplier.com, www.luxury-mall.com
Privacy Center
MD5: 3731bde3c476993cbec9e849e4922c87IP: 83.233.165.149
Sweden Stockholm Serverconnect I NorrlandDominios asociados
crusade-new.com
privacy-software.info
Result: 6/41 (14.63%)
El objetivo es tomar esta información como recurso para bloquear las direcciones dañinas.
Información relacionada
Una recorrida por los últimos scareware XIV
Una recorrida por los últimos scareware XIII
Una recorrida por los últimos scareware XII
Una recorrida por los últimos scareware XI
Una recorrida por los últimos scareware X
Una recorrida por los últimos scareware IX
Una recorrida por los últimos scareware VIII
Una recorrida por los últimos scareware VII
Una recorrida por los últimos scareware VI
Una recorrida por los últimos scareware V
Una recorrida por los últimos scareware IV
Una recorrida por los últimos scareware III
Una recorrida por los últimos scareware II
Una recorrida por los últimos scareware I
Jorge Mieres
0 comentarios:
Publicar un comentario