TOKYO (MacHouse) – According to Quantcast (See Screenshot 01.), LiveVideo.com‘s monthly number of visitors fluctuates around 1.5 million. That could translate into thousands of dollars in the daily ad revenue. (Screenshot 02 shows the index page of LiveVideo.com’s website.) And, according to Alexa Traffic Details, LiveVideo.com has a traffic rank of 1,371 with 34.2% of their visitors coming from the U.S., 9.6% from India and 5.0% from Japan.
 Screenshot 01 – Source: Quantcast |
 Screenshot 02 – Source: LiveVideo.com |
 Screenshot 03 – Source: MacHouse |
An organized spammer group has circulated at least one junk comment several hours ago to advertise several different websites. This post contains two hyperlinks pointing to the following URLs at LiveVideo.com.
http://www.livevideo.com/vanessaanne
http://www.livevideo.com/tilatequilan
If you access the first URL, you will see a junk profile with a video screen. It’s titled vanessa anne hudgens nude photo with a hyperlink to http://vbestserv.org/ds/go.php?sid=1. (See Screenshot 04.) Clicking on the hyperlink, one can be forwarded to one of two or more websites. One destination is a website titled Free Full Lenght Movie (See Screenshot 05. A spelling mistake is theirs.) If you further click on the video screen, you will be forced to download a file titled exclusivemovie.1630.exe, which is suspected of containing unknown piece of malware. Another destination is a website titled Celebrity Porn, which contains low-quality photo images of celebrities. Clicking on any of them, one will be forwarded to a website hosted at the domain of celebriti-with-you.com. (See Screenshot 06.) This is where one will be forced to download the same suspicious file delivered from codecdownload.filesstorage4you.com.
 Screenshot 04 – Source: LiveVideo.com |
 Screenshot 05 – Source: qualityvideofileshere.com |
 Screenshot 06 – Source: Celebrity Porn |
Our preliminary analysis shows that the redirection website at vbestserv.org is hosted in the U.K. And the website delivering a suspicious file labeled exclusivemovie.1630.exe appears to be hosted in Latvia. We will have a more detailed report in several hours.
