TOKYO (MacHouse) – For the past 24 hours, there have been a few new additions to the victim’s list of antivirus-scanonline.com exploitation. One is the website at www.mnemosyne.asso.fr. Lehigh University once appeared to have swept all malicious files out, but they have fallen a victim again. Another new comer to the victim’s list is Polytechnic University of Madrid (Universidad Politécnica de Madrid). (Screenshot 01 shows the index page of University’s website.) Its Artificial Intelligence Laboratory (Laboratorio de Inteligencia Artificial) has a website at http://www.lia.upm.es. (See Screenshot 02.) A cyber criminal organization behind the ongoing Antivirus 2008 exploitation has installed ill files so that they could redirect innocent Internet users to the fake anti-virus scan website hosted at antivirus-scanonline.com.
 Screenshot 01 – Source: upm.es |
 Screenshot 02 – Source: www.lia.upm.es |
The story is the same. If one accesses a wrong URL hosted at the website of Polytechnic University of Madrid’s Artificial Intelligence Laboratory, he or she can be redirected to the fake anti-virus scan website at antivirus-scanonline.com. (See Screenshot 03) That’s where a Trojan horse derivative awaits innocent Internet users.
 Screenshot 03 – Source: www.lia.upm.es |
 Screenshot 04 – Source: antivirus-scanonline.com |
 Screenshot 05 – Source: antivirus-scanonline.com |
Meanwhile, Dutch web hosting company LEASEWEB still provides a safe haven to the fake anti-virus scan website at antivirus-scanonline.com.
Click on the button to watch a documentation video. 
Click on the button to watch more documentation videos.
References:
Beware of XXX.WHATSDIRECT.COM and HQTUBE.COM – Redirection to Porn Website and ANTIVIRUS-SCANONLINE.COM
Is the Fake Anti-Virus Scan Website at ANTIVIRUS-SCANONLINE.COM Still at Risk?
Antivirus 2008 (ANTIVIRUS-SCANONLINE) Wrap-Up June-01
Briefly: A U.K. College Website Exploited for Antivirus 2008 (ANTIVIRUS-SCANONLINE.COM)
Saudi Arabian Government Website Falling a Victim to Antivirus 2008 (ANTIVIRUS-SCANONLINE.COM) Exploitation
Briefly: 3 New Websites Falling Victims to the Exploitation of Antivirus 2008 (ANTIVIRUS-SCANONLINE.COM)
Antivirus 2008 (ANTIVIRUS-SCANONLINE.COM) Finding New Home in the Netherlands?
New York-Based Web Hosting Company Ezzi.net Failing to Pull the Plug Off Fake Anti-Virus Scan Websites
Hopefully, Saying Good-Bye to the Fake Anti-Virus Scan Websites of ANTIVIRUS-SCANNER.COM and ANTIVIRUS-SCANONLINE.COM for Now…
Victims of ANTIVIRUS 2008 (Malware) & Troj/FakeVir-BF Growing Exponentially
Failure to Remove Ill Files Converts Beacon University Websites Into Redirection Points for ANTIVIRUS-SCANONLINE.COM
ANTIVIRUS-SCANONLINE.COM: Response to a Comment at FORUMS.SLICKDEALS.NET
The Name of A Next Anti-Virus Scan Domain Will Be…
File Determined to Contain Troj/FakeVir-BF
What Do We Know About These Fake Anti-Virus Scan Websites?
Lehigh University’s Multiple Department Websites Exploited for Redirection to ANTIVIRUS-SCANONLINE.COM
ANTIVIRUS-SCANONLINE.COM: 15 Websites Victimized in the Latest ‘?prj’ Exploitation Scheme
Warning: A New Fake Anti-Virus Scan Website Discovered
