MacHouse video tutorials for Mac search engine optimization Spam database Web Hosting providers Web Hosting review web hosting providers MacHouse Help

July 10, 2008

Beware of Fake Spyware Removal Scan Websites at ONLINE-XPCLEANER.COM and FREEWEBSCANNER.COM

Filed under: Internet security — Administrator @ 9:30 am
Posted about 2 years and 0 months ago

anti spam






TOKYO (MacHouse) - There are a couple of fake spyware scan websites we found today. One is hosted at the domain of online-xpcleaner.com. (See Screenshot 01.) This is not totally new. The domain was registered in June 12. The other one is hosted at the domain of freewebscanner.com. (See Screenshot 02.) The latter fake spyware scan website is relatively new. The domain was registered in July 7. We ran into these fake spyware scan websites after accessing a redirection website hosted at http://free-worm-remover.bulonwood.com.





online-xpcleaner.com free-worm-remover.bulonwood.com
Screenshot 01 - Source: MacHouse		   online-xpcleaner.com free-worm-remover.bulonwood.com
Screenshot 02 - Source: mnhor8.cn		   online-xpcleaner.com free-worm-remover.bulonwood.com
Screenshot 03 - Source: endcodec.net






An organized cyber criminal group circulated a long spam comment to advertise a fake malware removal tool. (See Screenshot 03.) All the hyperlinks point to a subdomain website hosted at http://free-worm-remover.bulonwood.com. This website is particularly used to redirect Internet users to malacious websites. It became inaccessible about half an hour ago.

This redirection website is not totally new, either. The domain was registered in February 12. (See Screenshot 04.) Interestingly, the web host of this redirection website is… Ahh… It’s a notorious German web host called netdireckt. (Screenshot 05 shows the index page of netdireckt’s website.) It’s behind many scam operations, right?





online-xpcleaner.com free-worm-remover.bulonwood.com
Screenshot 04 - Source: WhoIs.Net		   online-xpcleaner.com free-worm-remover.bulonwood.com
Screenshot 05 - Source: netdirekt.de		   online-xpcleaner.com free-worm-remover.bulonwood.com
Screenshot 06 - Source: HostFresh






As for the fake spyware scan website hosted at the domain of online-xpcleaner.com, the IP address of the web server is 58.65.238.106. This IP address belongs to a hosting company based in Hong Kong called HostFresh. (See Screenshot 06.)

Furthermore, we don’t know exactly where the other fake spyware scan website is hosted. Its web server seems to have the IP address of 72.36.198.2. This IP address belongs to Layered Technologies, Inc. This company is located in Plato, Texas. We are not sure if Layered Technologies offers hosting services.





********** ********** ********** ********** ********** ********** ********** **********

MacHouse is not funded by tax payers' money. We have limited resources. We also need time to sleep and eat just as others. So we will not act as the International police to contact all victims of website abuse. All you have to do is to subscribe to spam messages and spam posts. If we can, why don't you?







Leave a Reply


You are prohibited from posting comments merely to advertise your website. Please read Rules and About This Blog at the top menu bar for more information.

Because of spam-comment criminals, we are forced to manually moderate every comment that you may post. Your comment will appear only after we review and then approve it. It will take us several hours at most to review it.

Please note that all one-sentence comments will be automatically rejected as an anti-spam measure.

Subscribe without commenting