R3v3rs3e's Blog

«
»

Fake codec used by porn site

Posted by Steve Espino on December 7, 2009

Here’s another porn site distributing malware under the guise of video codecs:

hxxp://adultsvideo.cn/

Unsuspecting users wanting to view the adult videos are tricked into downloading and installing the fake codec.

The fake codec can be downloaded from this url:

hxxp://freebigutilites.com/ActiveX-Video-Codec.45092.exe

The server spits out files that have different MD5s each time.

ThreatExpert report here

PC Tools Spyware Doctor with Antivirus detects this fake codec as Trojan.FakeAlert.

Update:

Here’s another site that purports to host “Free Full Lenght Movie” porn clips and uses fake video codecs in order to lure unsuspecting users into downloading and installing their rogue antivirus software:

hxxp://freeanalsextubemovies.com/video1483/porn/

Clicking anywhere on the video screen area gives us the following link to a file named video.exe:

hxxp://homeamateurclips.com/video/video.exe

The award-winning PC Tools Spyware Doctor with Antivirus blocks this fake software as RogueAntiSpyware.SecurityTool.

Advertisement

This entry was posted on December 7, 2009 at 6:52 am and is filed under Malicious Intent. Tagged: , , , , , , , , , , , , . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

«
»
 
Follow

Get every new post delivered to your Inbox.