February 2010 - Posts

MVPS HOSTS File Update Feb-09-2010


The MVPS HOSTS file was recently updated [Feb-09-2010]
http://www.mvps.org/winhelp2002/hosts.htm

Download: hosts.zip (148 kb)
http://www.mvps.org/winhelp2002/hosts.zip

How To: Download and Extract the HOSTS file
http://www.mvps.org/winhelp2002/hosts2.htm

HOSTS File - Frequently Asked Questions
http://www.mvps.org/winhelp2002/hostsfaq.htm

Note: the "text" version makes a great resource for determining possible unwanted connections ...
http://www.mvps.org/winhelp2002/hosts.txt (599 kb)

Posted by winhelp2002 with 2 comment(s)
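
One way to use the "text" version as the note above suggests, shown as an added example that is not part of the original post: parse the HOSTS-format text and flag hostnames from a DNS or proxy log that appear in it. The sample entries and observed hostnames are constructed, and the sink addresses (127.0.0.1, 0.0.0.0) are an assumption about how the list maps blocked names.

```python
# Added example; all hostnames and the sample hosts text are constructed.
SINK_ADDRESSES = {"127.0.0.1", "0.0.0.0"}   # assumed block targets
LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def normalize(host):
    """Lower-case a hostname and drop surrounding space and a trailing dot."""
    return host.strip().rstrip(".").lower()


def parse_hosts(text):
    """Return the set of hostnames a HOSTS-format text maps to a sink address."""
    blocked = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # strip comments
        fields = line.split()
        if len(fields) < 2 or fields[0] not in SINK_ADDRESSES:
            continue                             # blank, malformed or real mapping
        for name in map(normalize, fields[1:]):  # a line may list several names
            if name and name not in LOCAL_NAMES:
                blocked.add(name)
    return blocked


def flag_connections(hostnames, blocked):
    """Count observed hostnames that match the list exactly (HOSTS has no wildcards)."""
    hits = {}
    for name in map(normalize, hostnames):
        if name in blocked:
            hits[name] = hits.get(name, 0) + 1
    return hits


SAMPLE_HOSTS = """\
# constructed sample in HOSTS format
127.0.0.1  localhost
127.0.0.1  ads.tracker.example  #[comment]
0.0.0.0    fake-flash-update.example
127.0.0.1  cdn.badsite.test stats.badsite.test
192.168.1.10  fileserver.lan
"""
SAMPLE_OBSERVED = ["www.example.org", "ADS.tracker.example.",
                   "stats.badsite.test", "ads.tracker.example", "fileserver.lan"]

if __name__ == "__main__":
    hits = flag_connections(SAMPLE_OBSERVED, parse_hosts(SAMPLE_HOSTS))
    for host, count in hits.items():
        print(f"{host}\t{count} lookup(s) match the hosts list")
```
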

Fake PornTube revisited

On my weekly rounds of researching certain terms that usually result in new malware sites ... this week was no different. The page looks pretty realistic, doesn't it, for a ".de"-looking language domain? Well, except for the actual URL listed ... that is NOT an Adobe domain.

Clicking on the download button delivers "install_flash_player.exe"; running the file through VirusTotal gives disappointing results: 2/40 (5%).

Back in June 09 I wrote how these malware distributors were using the same page title ("PornTube: best movies collection.") to draw unsuspecting people into thinking they needed some kind of Adobe Flash player update to view the offered adult movie on the site. Of course this is bogus and all the viewer gets is a nasty infection ...

The really sad part is back in June the three major search engines returned the following:

Google: 6,080 for "PornTube: best movies collection.".

Yahoo: 10,100 for "PornTube: best movies collection."

Microsoft Live/Bing: 325 results - With "SafeSearch" turned off: 1-30 of 565 results

Today's results show the explosion in the number of sites using that page title:

Google: 886,000 results for "PornTube: best movies collection."

Yahoo.com: 6,220 results for "PornTube: best movies collection."

Bing: 2,740 results for "PornTube: best movies collection."

That's quite an increase, huh? Most of these are now ".cn" registered domains ...

Be careful out there folks ... this is big business and the bad guys are out to get you ... your ID and your $$$ ...

Posted by winhelp2002 with no comments