Fake AV with new tricks ?

StevieO · Jun 6, 2009

Malware Catcher 2009

Here's new one: malwarecatcher.net / product.php

Notice it wants to install some temp fonts ? I have this set to prompt as you can see. So i activated Returnil, and even with Scripting enabled and allowing the fonts, nothing appeared to happen. I was also unable to download the fake product ?

Maybe someone else could try and see if they could investigate if these fonts are pretending to be something else. Possibly a new angle on tricking unsuspecting potential victims into installing some Malware/crap ?

jrmhng · Jun 6, 2009

They look better than most AV websites.

Rmus · Jun 6, 2009

Not very impressive...

StevieO · Jun 7, 2009

huangker

Yeah a lot of them do, but that's one reason why some people get fooled/taken !

Rmus

I know, but what about the Font download prompt. Anything dodgy going on there ? It's most unusual in my expexience of visiting Malware www's. In fact i don't think i've seen it before on these type of sites. That's why i wondered if they could be attempting a new method of gaining entry in that way ?

Log in or Sign up

Fake AV with new tricks ?

StevieO Registered Member

Attached Files:

MC1.png

MC2.png

jrmhng Registered Member

Rmus Exploit Analyst

StevieO Registered Member

Log in or Sign up

Fake AV with new tricks ?

StevieO Registered Member

Attached Files:

MC1.png

MC2.png

jrmhng Registered Member

Rmus Exploit Analyst

StevieO Registered Member

Useful Searches