Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - 404dnserror Adware InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

404dnserror Adware

Published: 2006-12-01
Last Updated: 2006-12-01 21:31:39 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)
Our read Tom sent us a note about a site called "404dnserror/dot/com" (DO NOT VISIT).

A user of his was infected with some spyware/adware. It kept redirecting them to the '404dnserror' page. The page looks like a generic server error, but also advertises an anti-spyware tool in the form of an ActiveX like installer toolbar at the top of the page. To save you the risk of exposing yourself to the site, I included a screen shot below (click on the image to see the full page).



Its probably save to block/montor access to this domain.

Keywords:
0 comment(s)
Diary Archives