Fake AV with new tricks ?

Discussion in 'malware problems & news' started by StevieO, Jun 6, 2009.

Thread Status:
Not open for further replies.
  1. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Malware Catcher 2009

    Here's new one: malwarecatcher.net / product.php

    Notice it wants to install some temp fonts ? I have this set to prompt as you can see. So i activated Returnil, and even with Scripting enabled and allowing the fonts, nothing appeared to happen. I was also unable to download the fake product ?

    Maybe someone else could try and see if they could investigate if these fonts are pretending to be something else. Possibly a new angle on tricking unsuspecting potential victims into installing some Malware/crap ?
     

    Attached Files:

    • MC1.png
      MC1.png
      File size:
      267.6 KB
      Views:
      213
    • MC2.png
      MC2.png
      File size:
      249.5 KB
      Views:
      241
  2. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    They look better than most AV websites.
     
  3. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,982
    Location:
    California
    Not very impressive...

    mcatcher.gif
     
  4. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    huangker

    Yeah a lot of them do, but that's one reason why some people get fooled/taken !

    Rmus

    I know, but what about the Font download prompt. Anything dodgy going on there ? It's most unusual in my expexience of visiting Malware www's. In fact i don't think i've seen it before on these type of sites. That's why i wondered if they could be attempting a new method of gaining entry in that way ?
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.