Malware Alert: YouTube masquerader

I found another malicious site, Jaxware Dot Cn, masquerading as YouTube in the World Wide Web yesterday. As a web junkie, I stumbled upon malicious sites almost everyday but I never did bother to warn people about them. As of today, I will share my findings for the sake of the World Wide Web. Let us make the internet a safer place for everybody.

Jaxware, Malware, URL Spoofing, YouTube, Google
Who is behind Jaxware Dot Cn?

A quick check on WHOIS revealed that the site is registered to a person named Elfimov Evgeniy. The server’s IP address is 72.232.116.51 and located somewhere in New York.

Jaxware, Malware, URL Spoofing, YouTube, Google
What sort of danger does it pose to internet users?

As you can see from the first image, there is a weird instruction asking visitors to download ActiveX video codec on its page. Once the page is fully loaded, the malicious site will also prompts you to save an executable file (probably a nasty malware) to your hard drive. Heaven knows what that thing will do to your computer!
Subscribe via RSS or Email:

Related Posts


0 comments:

Post a Comment

  • Commenters are encouraged to leave comments via OpenID but if you have problems in leaving one via OpenID, please refer to this excellent guide.
  • Comments that add tremendous value to the blog post will not only get approved but also will be personally tweeted (learn how!) by the blogger behind this blog, giving commenters the opportunity to get even more traffic and gain even more exposure to their sites or blogs.
  • Comments that have links in the bodies of comments will never be approved.
  • Preferably comments should be made in English but comments in other languages are also acceptable.