Wednesday, June 23, 2010

SpyEye C&C and spreading with Microsoft SpyNet Black Hat Seo technique

The following domain typo squat it's been detected googling the URL:


As know, Spy Net is a Microsoft forum where are discussed new threats, malware and so on.
More info about this service are placed here:

In the following screen shot it's reported result (shown with a smile) from Google:

The red point is the MyWot response for the malicious URL. At the following page the SpyEye admin panel:


The RobTex info about the fake SpyNet domain (and others):

Some notes: - this domain, was already known from MDL and other malicious URL database. Malware Domain List records:

So I think that the interesting thing is the smile that appears as Google result.

An update (7/6/2010): the "smile Google result" is still alive :)

Sunday, June 13, 2010