The fake video player tactic continues with fake news websites popping up from the underworld ready to *play* on your Windows computer. The story does not end well for the computer owner as their system will be totally compromised ready for the criminals to do what they want. The malware that’s on these websites are Waledac trojans.
hxxp://ynh.bestbreakingfree.com/main.php
leads to –> hxxp://ynh.bestbreakingfree.com/contact.exe
contact.exe
VirusTotal.com scan (8/39) detected as Waledac trojan:
http://www.virustotal.com/analisis/69c00e90f104010ecaea376ffa124a7a
WARNING: Malicious code on sites identified below, visit at your own risk!
Domains & IPs:
ynh.bestbreakingfree.com (67.180.35.24)
ns6.goodnewsdigital.com
ns1.urbanfear.com
ns4.spacemynews.com
ns6.wapcitynews.com
ns1.worldnewsdot.com
ns4.urbanfear.com
ns1.antiterrornetwork.com
ns6.bestusablog.com
ns3.bestlifeblog.com
ns2.urbanfear.com
ns3.blogsitedirect.com
ns6.antiterroralliance.com
ns2.tntbreakingnews.com
ns3.blogginhell.com
ns3.breakingkingnews.com
ns6.breakingnewsltd.com
ns1.breakingnewsltd.com
–mwdisector
0 Responses to “Fake Reuters news story featuring Waledac malware”
Leave a Reply
You must login to post a comment.