[en] Another SEO poisoning lead to PUPs

Sometimes ago, i wrote an entry for a SEO poisoning campaign for the Browlock ransomware using hacked websites.
Another campaign leading to PUPs.
The links are similar to the Browlock Campaign, they are probably using the same tools.

PUP_SEO_googlePUP_SEO_google2

 

 

Words Spam :

PUP_SEO_google3

The redirections.

 

http://s0ftpedia.pw/files/t%C3%A9l%C3%A9charger%20latis%20bio%20gratuit&id=my – https://www.virustotal.com/fr/ip-address/5.199.171.242/information/
http://s0ftpedia.pw/files/t%C3%A9l%C3%A9charger%20latis%20bio%20gratuit&id=my
http://pushtraffic.net/TDS/?wmid=99939&uid=967&q=T%C3%A9l%C3%A9charger_Latis_Bio_Gratuit – https://www.virustotal.com/fr/ip-address/91.205.156.86/information/
http://pushtraffic.net/TDS/?wmid=99939&uid=967&q=T%C3%A9l%C3%A9charger_Latis_Bio_Gratuit
http://j.theadsnet.com/j5GR9KvcCpJl3KxNbd2jHELdoS5hn5sieZuaPXu8lDpq6pYiQLmNZh%2Ft1GwT%2FoUaXrnIQUPSxB%2F1TZGsk4tpEkyLYAUdnGgPL4dSHSOXTuQ8nWHyO3Q%2F%2FyU5LLtrOxOrazoVrg%3D%3D
http://j.theadsnet.com/static/jquery-1.11.3.min.js
http://lss799.filedatabase.biz/j5GREkGD7Ho/2Oh8OZ2Qem3UtDV1pasUWqWpJmmXozpxk6IlQ6ScMlLymSwX6cVSHe7NUgTQzk1FkZ8GXtU4SgffPFEykXsPKJF/ICOcLLBoiGfmNGZw6AlwZP8/NRm1PWBM9AktGL0ScF7AAndC11NoXcITRErFE1ATzBVFZ8caXxrU7UUnz/RNcPnYHiOm71AKpP4pOqDJKjLyqm4Vt+0TDKefaFr1l2VZ8ZJrX9KablOS0z8RisUMQNyLWOPB2liwxaZHvc3wQ7jJ/0H1Mv5KpjW35aA95eL4Ka/pnFWYqslw3/XHPZbmwnuf+8V8h/iIFdTS2EWSmYkWzJrnR8PF – https://www.virustotal.com/fr/ip-address/109.200.202.121/information/

 

As you can see they are using a TDS at pushtraffic.net :

PUP_SEO_poisoning

PUP_SEO_poisoning2

PUP_SEO_poisoning3
The TDS rise at ~22k at Alexa

PUP_SEO_poisoning4Example of the final installer with a lot of commons PUPs : Adanak (Adware.BrowseFox), Vuu PC, Webssearches (Hijacker), Boxore etc.

PUP_SEO_poisoning5

 

to be continued to : https://www.malekal.com/2015/03/27/en-pups-by-crackskeygen/

Print Friendly, PDF & Email
(Visité 103 fois, 1 visites ce jour)

Vous pouvez aussi lire...

Les Tags : #Windows10 - #Windows - #Tutoriel - #Virus - #Antivirus - #navigateurs WEB - #Securité - #Réseau - #Internet