Exploit opens Windows Contacts
Landing on "google-stats(dot)cn" (courtesy of MalwareDomainList) redirects to the following site ... which pops-up the generic Microsoft warning (Remote Data Services Data Control) ... however this time and this is a first for me is a prompt to open Vista's Windows Contacts ...
The "/doc.pdf" entry is an attempt to exploit Adobe Reader which always seems to be under attack lately. Symantec detection details here. This is one of the reasons I no longer use Adobe Reader and found the FoxitReader (freeware) to fit my needs nicely and is faster and much smaller (2.6 mb download)
It's no surprise that "myfrooogle(dot)cn" is hosted at HostFresh - [126.96.36.199 - 188.8.131.52]
"Norton Safe Web has analyzed myfrooogle(dot)cn for safety and security problems.
Below is a sample of the threats that were found. Screenshot not available
Viruses Severity: High - 6 instances found."
In checking several other online scanners ... McAfee's SiteAdvisor hadn't scanned the site and AVG's LinkScanner reported:
"Congratulations! LinkScanner Online did not find any exploits." ... ouch!!
At least Google lists this site as harmful ... Yahoo does not as it uses McAfee's SiteAdvisor ...