Fake AV with new tricks ?

Discussion in 'malware problems & news' started by StevieO, Jun 6, 2009.

Thread Status:
Not open for further replies.
  1. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Malware Catcher 2009

    Here's new one: malwarecatcher.net / product.php

    Notice it wants to install some temp fonts ? I have this set to prompt as you can see. So i activated Returnil, and even with Scripting enabled and allowing the fonts, nothing appeared to happen. I was also unable to download the fake product ?

    Maybe someone else could try and see if they could investigate if these fonts are pretending to be something else. Possibly a new angle on tricking unsuspecting potential victims into installing some Malware/crap ?
     

    Attached Files:

    • MC1.png
      MC1.png
      File size:
      267.6 KB
      Views:
      213
    • MC2.png
      MC2.png
      File size:
      249.5 KB
      Views:
      239
  2. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    They look better than most AV websites.
     
  3. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Not very impressive...

    mcatcher.gif
     
  4. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    huangker

    Yeah a lot of them do, but that's one reason why some people get fooled/taken !

    Rmus

    I know, but what about the Font download prompt. Anything dodgy going on there ? It's most unusual in my expexience of visiting Malware www's. In fact i don't think i've seen it before on these type of sites. That's why i wondered if they could be attempting a new method of gaining entry in that way ?
     
Loading...
Thread Status:
Not open for further replies.