Thursday, January 29, 2009

New strategy of social engineering to spread IE Defender

IE Defender is one of the many fake security programs (scareware, also called rogue) that constantly bombard the users with the intent to infect their computers through the websites that pretend to be legitimate.

However, there are new strategies for detecting deception to spread and don't share the same methodology for download from the website scareware, but seeking to trick users to achieve their goals, in this case, IE Defender is being disseminated to through websites that promise to downloading music in mp3 format and movies.

In either case, download the album or movie is downloaded but promised one of the variants in the family of IE Defender.

All the pages used to spread threats share the same IP address ( Download:

free-games-rapidshare .com
movie-rapidshare .com
moviesrapidshare .org
music-rapidshare .com
musicrapidshare .org
warez-catalog .com
movie-megaupload .com
cpmusicpub .com
soft-rapidshare .net
softrapidshare .com
softrapidshare .org
ftp-warez .org
extra-turbo .com
softupdate09 .com
cpmusicpub .com
free-full .com

A minor detail that identifies these malicious sites, is that nearly all pretending to be hosted pages on sites that can store files like Megaupload, Rapidshare or directly warez sites designed for downloading.

# Jorge Mieres

No comments: