Spamdexing and another YouTube look-alike
A little background ... I have this blog set to "Approve" most content that is added via the "Comments" link. Now I usually get a few Spam entries that I simply ignore ... but this one caught my eye and I thought I'd follow the link posted to see where it went ...
Notice the content posted at the bottom of the above page? ... it's a quote from one of my posts the other day "Beware of YouTube look-alikes" ... however clicking on any of the images just above that leads to "reportblogsite(dot)com" ... even the page layout and design is the same ... strange ...
Image edited for display purposes.
Which looks like a typical blog type site ... except if you click any of the images on the page which leads to ...
Imagine that! ... another YouTube look-alike with the same old bogus (Trojan.Codec/Zlob) prompt ... the download "setup_axplugin.exe" from "axvideoplay(dot)com" is not very well detected [VirusTotal results]
Then just this morning I get another Spamdexing comment ... waiting for Approval ... same page layout and design as the others ... well isn't that special! ... and you guessed it ... clicking any of the innocent looking images leads to "youutubee(dot)com". Matter of fact the images are actually being drawn from Metacafe a safe YouTube type site ...
Needless to say all these culprits will be added to the next HOSTS file update ...
reportblogsite(dot)com and reachnewsworld(dot)com are both hosted at Intercage [69.50.160.0 - 69.50.191.255]
axvideoplay(dot)com and axvideoplugin(dot)com are both hosts at Layered Technologies which is fast becoming a new haven for the Trojan.Codec gang ... as evidenced in my last post ...