Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Andromeda here not blocked?
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Andromeda here not blocked? (Read 1153 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34051
malware fighter
Andromeda here not blocked?
«
on:
January 31, 2014, 05:55:20 PM »
See: tyxb1tch35 dot su/uplink/ 124.248.205.135 Andromeda
Two detect:
https://www.virustotal.com/nl/url/ab05df16973bbd7cdd5d360fdaa740242a7ca381eff2d2789764809f65cadb7c/analysis/1391185632/
http://urlquery.net/report.php?id=9147737
&
http://maldb.com/styxb1tch35.su/uplink/
styxb1tch35.su,124.248.205.135,ns1.cloudns.net,Criminals, (this only denotes mlacode is active, nothing more, nothing less)
Missed completely and utterly here:
http://zulu.zscaler.com/submission/show/894fe13040707e2ea68e7675c8e98b74-1391185822
Site is rather new, is that why? Re:
http://www.scamvoid.com/check/styxb1tch35.su
Nice read on Andromeda from author Waahoo here:
http://cyb3rsleuth.blogspot.nl/2012/02/andromeda-bot.html
and
http://blogs.mcafee.com/mcafee-labs/andromeda-botnet-hides-behind-autoit
- link article author = Umesh Wanve
We can establish here that a lot of common website scanner miss these Cybercrime botnet sites (Zeustracker as an exemption)
see:
http://app.webinspector.com/public/reports/19817734
polonus
«
Last Edit: January 31, 2014, 06:04:00 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Andromeda here not blocked?