Prevx Blog
This time around it's called Micro-Codec. The filenames are normally structured like MICRO-CODEC[0-9][0-9][0-9][0-9].EXE.
These come and go on a daily basis, but this one warranted more than 2 minutes of our time.
Here's what we found:
One of the main sites that point users to the codec download is listed below.
Registered and running from Singapore, it's been used in the past to peddle illegal porn, as a quick Google search shows clearly. To our surprise, however, we found some very reputable sites containing guestbook and talkback spam with these links.
Clearly there has been a breakdown in filtering these out somewhere along the line. Countless users are being directed to these sites from reputable sites, and having a link on all these sites improves the PageRank of said malicious site, making it easier to find via Google.
See image below for some mid-afternoon humour. (There are currently 734 sites linking to this site!)
By the way, the DomainTools Reverse IP for this server looks quite juicy, see below!
And finally.... Have you seen this person?
2 comments so far
- Lord KiRon on Jul 17 4:12, 2007
Funny
The registration is in Russian; literally it says:
1. Name: Kitaesa - Chinese guy (offensive)
2. Glavnaya ulica - "main" street
3. Glavniy Gorod - "main" town

Yes. We must be careful. Thanks.