Yesterday, during my regular Google search for new malware attacks, I discovered a rogue blog which is blatantly dishing out rogue malware software to its innocent visitors. I had noticed many such sites previously, but this time something within kicked me to write a quick post about it, for the benefit of visitors of Webtools & Tips.
Actually, I was searching for more info about the Blue Screen of Death and I entered the query "computer blue malware" in the Google search box. See the screenshot below of the top 3 results.
The 3rd spot was grabbed by the following URL.
porono-tube8reg (dot) blogspot (dot) com/2008/06/computer-blue-malware-squared-anti.html
It seems to be a Blogger Blog. Remove (dot) and replace with a "." to visit the actual link.
When I clicked on the link, I was immediately redirected to AdultFriendFinder. No issues, I have seen many of them, and I don’t mind the webmaster’s attempt to make a few bucks by luring me to join the AdultFriendFinder program.
I just closed the tab and returned to the Google search results page to try to discover some more facts about the URL. I copied the home page URL, porono-tube8reg (dot) blogspot (dot) com, and pasted it into another browser window. Try it yourself, it will not harm you in any way.
I was again redirected, but this time to a harmful website. All my browser windows were immediately closed and I got the following pop-up windows staring at me.
(First Attempt: Install AntiVirus2009)
I was quick to judge the trap and quietly closed the window. If you are following along, please be careful not to click on any OK button here, because the whole attempt is to lure you into getting one of their rogue antivirus programs installed on your system.
I opened yet another browser window and repeatedly tried to open the home page. But every time I was redirected to different malware programs, which are well known for their nature. In fact these are rogue anti-virus programs, which pretend to be a genuine antivirus, and try to get themselves installed on your machine.
Try it yourself. But be careful that your AntiVirus and Firewalls are well in place and do not click anywhere on the pop-up windows.
(Second Attempt: Install AntiSpyWare2008)
(Third Attempt: Install Online-xpcleaner)
(Fourth Attempt: Install yet another Rogue Media Player)
(Fifth Attempt: Install some malware from avwav.com)
Yet another lesson which I learnt from this attack is that, out of the five attempts to install malware on my laptop, only one was detected by my system. Incidentally, I have been running Windows Vista Business Edition, with Bit Defender Firewall, Norton 2008 AntiVirus and Firefox 3.
A few quick lessons learnt here.
July 10th, 2008 at 2:48 pm
Do you mean five attempts at the same time? That blog is surely full of -shit-#cough-cough*
July 10th, 2008 at 9:13 pm
You need to be on either Linux or Mac OS to be safe from such malware websites, else it's 99.99% you will be infected. It will infect many computers before Google identifies this site as malware (you need to report it at http://www.google.com/safebrowsing/report_badware/)
July 11th, 2008 at 7:56 am
Wow, that really sucks, I don’t know much about bit defender firewall, but I do know that Norton isn’t too good.
Also, Firefox 3 wouldn’t be my choice for safe browsing, I always considered Opera as the safest browser.
Also Nod 32 seems to be defending my system well together with normal Windows Vista, recently updated firewall.
July 11th, 2008 at 8:33 am
Thank you for sharing this.
July 12th, 2008 at 2:12 am
These types of malware are spreading fast. I myself was a victim of one of these recently.
July 20th, 2008 at 9:21 pm
WoW. Stumbled on this while searching for some information on what I thought was a new malware attack on my computer. I thought I was alone in this but glad that I found out that there are others who have discovered it as well. Thanks for the information and for sharing.
July 22nd, 2008 at 3:26 am
Amazing article! Detailed and very interesting. I am going to recommend this blog to my friends.
July 22nd, 2008 at 1:31 pm
Let me know, is there any solution to safeguard our PCs as well as blogs or sites from this type of nuisance? Is it possible? What is the remedy?
July 29th, 2008 at 1:37 pm
How does a search engine like Google list a redirecting link as the third result for a popular webpage? I have heard that if a page redirects to another page, the previous one will not be listed in search engines.
October 27th, 2008 at 6:30 am
Google has by no means beaten malware. And I agree, detection is severely lacking. One of your guidelines (that I adhere to as well and tell friends and family) is just to use common sense, that should detect 5 out of 6 pieces of Malware and hopefully the last one will be detected by your software…
November 25th, 2008 at 6:28 pm
I would recommend MalwareBytes. It completely deleted Antivirus 2009.
January 9th, 2009 at 6:15 am
My three websites were infected with a version of this. If they came up in a Google search, when clicked on it was immediately redirected and a dialog box appeared asking to install antivirus 2009. If clicked *anywhere* inside the box it directed to a website that started “scanning for malware.” However, if I put the web address directly in a browser window there was no problem. I reported it to my webhost co and they removed the infection. I don’t need surprises like this!
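A site owner can check for the behaviour described in the comment above (a redirect only when the visit arrives from a search result, nothing when the address is typed directly) by requesting the same page with and without a search-engine Referer header and comparing the answers. This is an added example, not part of the original post or comments; the local test server, the `rogue.example` address and all function names are constructed for illustration.

```python
import http.server
import threading
import urllib.error
import urllib.request

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # do not follow 3xx; let it surface as HTTPError

def fetch(url, referer=None):
    """One GET without following redirects; returns (status, Location)."""
    req = urllib.request.Request(url, headers={"User-Agent": "Mozilla/5.0"})
    if referer:
        req.add_header("Referer", referer)
    # Direct connection (no proxy) so nothing in between masks the response.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}), _NoRedirect)
    try:
        with opener.open(req, timeout=5) as resp:
            return resp.status, resp.headers.get("Location")
    except urllib.error.HTTPError as err:  # unfollowed 3xx (and 4xx/5xx) land here
        with err:
            return err.code, err.headers.get("Location")

def referrer_cloaked(url, search_referer="https://www.google.com/search?q=example"):
    """True if the page answers differently when the visit claims to come from a search."""
    return fetch(url) != fetch(url, search_referer)

class _InfectedSite(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in for a compromised site, used only to exercise the check."""
    def do_GET(self):
        if "google." in self.headers.get("Referer", ""):
            self.send_response(302)
            self.send_header("Location", "http://rogue.example/scan")  # placeholder
            self.end_headers()
        else:
            self.send_response(200)
            self.end_headers()
            self.wfile.write(b"normal page")
    def log_message(self, *args):
        pass  # keep the demo quiet

def demo():
    server = http.server.HTTPServer(("127.0.0.1", 0), _InfectedSite)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    url = "http://127.0.0.1:%d/" % server.server_port
    try:
        direct = fetch(url)
        from_search = fetch(url, "https://www.google.com/search?q=example")
        return direct, from_search, referrer_cloaked(url)
    finally:
        server.shutdown()
        server.server_close()
```

A difference between the two responses on a page you did not configure to redirect is the signal to inspect server-side rewrite rules and injected scripts.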
September 10th, 2009 at 11:40 am
Hi! I was surfing and found your blog post… nice! I love your blog.
Cheers! Sandra. R.
January 30th, 2010 at 6:52 pm
There are a lot of iterations of this. There’s Internet Security 2010, Antivirus Soft and Antivirus 2009. They’re pretty hard to get rid of because they disable the taskmaster, regedit and command line interface.
Malwarebytes works every time, though.
November 16th, 2010 at 5:48 am
This is a followup to my previous post, above. A couple of weeks after cleaning up my sites the same thing happened again. This time I did my homework and discovered that the security settings for my sites were woefully inadequate. I fixed that problem, cleaned up the mess myself this time, and have not had any problems since. For a short time my sites were banned by Google due to the infections.
Bottom line, there are two separate issues. My own computer has not been infected due to reasonable diligence, firewalls, and NOD32. And cleaning up my websites + security has taken them off the malware market.
Hope this helps someone.