« previous next »
Pages: [1]   Go Down

Author Topic: id-5706543880_btcpay@aol.com  (Read 2567 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
id-5706543880_btcpay@aol.com
« on: May 24, 2015, 10:47:54 PM »
Кто нибудь сталкивался с этим id-5706543880_btcpay(at)aol.com , и возможно его дешифровать?
« Last Edit: May 24, 2015, 11:52:42 PM by lukas.hasik »
Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37532
  • Not a avast user
Re: id-5706543880_btcpay@aol.com
« Reply #1 on: May 24, 2015, 10:54:57 PM »
Non-english zone  >  Русский    https://forum.avast.com/index.php?board=21.0

Logged

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Re: id-5706543880_btcpay@aol.com
« Reply #2 on: May 24, 2015, 11:02:56 PM »
Please break link to bad web host -> 5 appearances in spam e-mail or spam post urls

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: id-5706543880_btcpay@aol.com
« Reply #3 on: May 24, 2015, 11:08:40 PM »
Looks to me like the BitcoinVault cryptolocker.
Logged

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Re: id-5706543880_btcpay@aol.com
« Reply #4 on: May 24, 2015, 11:20:33 PM »
Hi Eddy,

According to DrWeb forums (translate txt in Dutch) this is a macro virus called cypher, a file encoder and after cleansing files could be permanently lost. Read: http://malware.wikia.com/wiki/Cipher
-> http://forum.drweb.com/index.php?showtopic=321241&hl=  (in Russian language).
Last recorded incidents for domain: https://www.c-sirt.org/en/incidents-on-domain/aol.com
-id-5706543880_btcpay@aol dot com,,,Not in namespace,
See hosting migration patterns here: http://toolbar.netcraft.com/site_report/?url=id-5706543880_btcpay%40aol.com
WARNING: MX records duplicates (same IP address): http://www.dnsinspect.com/aol.com/1432502814
WOT -> https://www.mywot.com/en/scorecard/64.12.79.57?utm_source=addon&utm_content=rw-viewsc

Damian
« Last Edit: May 25, 2015, 12:10:01 AM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »