Tuesday, August 25, 2009

Zango using fake codec to install

Zango adware has been out of sight for a while. It’s back with a new twist: using a fake codec to install its pain-in-the-butt software. The lure for the codec: an alleged porn video viewer.

Here’s researcher Patrick Jordan’s narrative:

“Any site that runs a fake codec scam or other social engineering scam to get users to infect themselves -- those sites directly and indirectly associated are put into my sites listings and Zango just made it!

“From a rotational site I use to get the standard fake codecs and dischargers, today I found one of the re-directs going to a fake codec page advertising porn movies and the normal “No video player found.”



“What I got was a pop-up for a DreamMediaPlayerSetup.exe coming from prompt-zangocash.com.”






“Even just going to the main site url will also give a type of fake scanning then tell you not to close the window until installation is complete.”




Sites in the same IP all come under the same email user name with two different aliases:

Andrej Zolotov jcc_parker @ yahoo.com
Dmitry Ivanov Private person jcc_parker @ yahoo.com

216.12.161.18

Our last blog entry, from April, about Zango being sold at fire-sale prices is here:

Thanks, Patrick

Tom Kelchner
