This is another “wolf in sheeps clothing” alert. The Sunbelt blog has information and tips on a number of other sites that are posing as either the Windows security center page, or a page not found error. The windows security center spoof once again claims the following “Attention! Your system is under control of remote computer with IP address >>>>>>> The remote computer has access to the following folders on your PC: windowssystem32 program filesinternet explorer my documents drive C; files, click here to download official anti-spyware software. Your private info is collected by w32.sinnaka.a@mm”
The page not found spoof goes like this: “The page cannot be displayed: the pag eyou are looking for is currently unavailable. The web site might be experiencing technical difficulties or you may need to adjust your browser settings. Please try the following: Install Spy trooper software to clean your pc. If you typed the page address in the address bar….” the rest of the page seems to be the usual Microsoft IE page cannot be displayed template. The other note is that at the top of the page there is a windows information bar that says “The page you are looking for is blocked by the adware on your pc. Remove it with spy trooper software click here.”
From sunbelt here is a listing of the latest sites, and previously discovered sites as well:
Newly found sites
Florence, AL US
wm @ needupdate.com
mag @ sexpicporn.com
Sites already known
henn @ teeeen.com
mag @ sexpicporn.com
Network administrators may want to block IP addresses for these sites.
Related PostsRelated Posts
- Zotob details Here are some details on the zotob worm (s) culled from several sources.... It copies itself to the Windows system folder as BOTZOR.EXE, it modifies the hosts file to frustrate attempts to access antivirus sites. The .b variant copies itself as csm.exe in the Windows System folder. Both variants create......
- Clamav 0.88.2 for Mandrake 10.0 rpms Since I have a few old Mandrake 10.0 servers out there churning along, I've rebuilt the Clamav package to reflect the recent security fix version 0.88.2 is up on the site at http://www.averyjparker.com/wp-content/downloads/clamav882/ As always, the rpms are here more for my convenience than anything else, rebuilt straight from the......
- Network security - how safe is your network? Looking at ARP A while back I did a network security series and one of the points that I mentioned was that it's important to know what is normal for your network. In other words, what machines are NORMALLY connected, what services are normally running, etc. Well, I'm about to start a serious......
- RateLadder.com Website Analytics for Jan 07 Top 5 Visitor Sources # Unique reddit.com 751 forums.prosper.com 329 google 260 (direct) 160 pfblogs.org 98 64.77 Unique Visitors per Day.Â 154.9 Page views per day.Â 2.39 pages per visit. 73% New Visitors 27% Returning 92.18% from United States. 99.25% English Language. Browser Visits Percent Firefox 915 45.57% Internet......
- My Prosper Internal Rate of Return Update (End of Jly 07) = 0.57% This is a RateLadder only IRR update. (An IRR lender âgameâ update is in the works.) I saw a big spike in loan 1 month late or more. Here is my permanent tracking page: http://rateladder.com/my-prosper-irr/ My Prosper IRR is defined as: Monthly cash flows with one extra month using the......
- Heavenly Mountain Resort, Stateline, CA Heavenly Mountain Resort is located in: Stateline, CA Phone: (775) 586-7000 Website: http://www.skiheavenly.com/ About the Resort: This is one of the most popular resorts in Lake Tahoe and all of California. The resort just spent half a billion dollars in renovations and if you have never been here before, or......
- A couple warnings related to fake security sites
- Another wolf in sheeps clothing
- Anti phishing information (phighting phishing ?)
- Warning – old wolf in sheeps clothing cloned…
- Huge identity theft ring discovered by spyware research