Live blackhole site was blocked by Google Safebrowsing

[polonus]

See: http://urlquery.net/report.php?id=75427
With various IDS alerts malcious software contains 111 trojans, 53 exploits, 21 bots.

Better to have stayed away from that site and therefore it is being blocked,
trojan Zero-access/Sirefef.pl seems dead since 2012-06-26 00:24:42 had been active for 3.2 hrs,
9 other instances of malware from there now also dead...No file was found at that url,

polonus

[mchain]

Thanks pol,

This is massively bad!   

I take it not active at the moment?

[polonus]

That could mean one of two things. Taken down or neatly blocked by the avast network shield. Think the first option!

polonus

[polonus]

This is what I have: Оффлайн (not active - Russian = offline)
12.07.12 19:07   26.06.2012 01:20    flyhighhavefun dot com    194.50.116.64   trojan ZeroAccess/Sirefef
Read this write-up: http://www.kindsight.net/en/blog/2012/06/28/malware-analysis-new-cc-protocol-for-zeroaccesssirefef
link author and link from: By Kevin McNamee, Kindsight Security Labs,

polonus

[polonus]

See: http://urlquery.net/report.php?id=90275
Good it is being blocked by Google Safebrowsing: http://www.google.com/safebrowsing/diagnostic?site=http%3A//www.dicodufutur.org/wp-signup.php%3Fnew%3Ddicodufutur.org

The location line in the header above has redirected the request to: htxp://www.dicodufutur.org/wp-signup.php?new=dicodufutur.org

AS Name: OVH OVH Systems
IPs allocated: 737024
Blacklisted URLs: 3460

Hosts...
...malicious URLs? Yes 
...badware? Yes 
...botnet C&C servers? Yes 
...Zeus botnet servers? Yes 
...Current Events? Yes 
...phishing servers? Yes 

polonus