Malvertising clicksor toujours en ligne

…: https://www.malekal.com/2011/12/13/malvertising-asrvstatsmanager-com-droppe-malware-via-videobb-et-adserve-com/ Celle de clicksor après avoir été en sommeil fait son retour.   hxtp://serw.clicksor.com/newServing/showbanner.php?nid=1&xxxx hxtp://dueicow.info/43d7f87b86dfab98953c543c3a0e4e83 (184.107.189.53) hxtp://durkapoc.com/in.cgi?3 hxtp://mitchell-i-shop-nord-po-rated-blogg.com/com.class (109.236.81.247) hxtp://mitchell-i-shop-nord-po-rated-blogg.com/content/v1.jar hxtp://mitchell-i-shop-nord-po-rated-blogg.com/content/fdp1.php?f=105 hxtp://mitchell-i-shop-nord-po-rated-blogg.com/content/cph2.php?c=105 hxtp://mitchell-i-shop-nord-po-rated-blogg.com/content/fdp1.php?f=105 hxtp://mitchell-i-shop-nord-po-rated-blogg.com/pentalgin.php?page=637f131124c215e2 => http://www3.malekal.com/malwares/index.php?&domaine=109.236.81.247   La bannière…

Malvertising sur dl-protect.com via hooqy.com et clicksor

…conduit au BlackHole La bannière malicieuse : C’est en fait clicksor qui charge celle-ci : Les liens BlackHole : http://ads.hooqy.com/newServing/banner_frame.php?nid=1&pid=159185&sid=241812&zone=-1&image=3&adtype=1&key=8bea49e5152adb5a2d9dbd8496455335 (199.21.148.108) http://totyballl.info/43bf6353ecaa0e20c9631bcb680ea963 http://untidy.alnilin.info/main.php?page=a306572deb323e11 (84.19.161.156) http://untidy.alnilin.info/content/fdp1.php?f=27 http://untidy.alnilin.info/content/cph2.php?c=27 http://untidy.alnilin.info/content/v1.jar http://untidy.alnilin.info/content/fdp1.php?f=27 http://untidy.alnilin.info/com.class http://untidy.alnilin.info/content/fdp1.php?f=27…