Nov9
9:05 am (UTC-7)   |   by Ryan Flores (Advanced Threats Researcher)

The domain Yahoo550.com was recently found to be hosting malicious files. Not related in any way to Yahoo!, the domain was obviously created to trick users into thinking that it is a valid domain in the fashion of Yahoo! 360°, Yahoo’s version of a social networking site.

Based on DNS information, Yahoo550 was registered by someone named Bill Adward, whose email address is from Yahoo! competitor Hotmail.

Currently, four subdomains of Yahoo550 are found to be serving malware:

  • www.yahoo550.com
  • travel.yahoo550.com
  • sports.yahoo550.com
  • image.yahoo550.com

There are no available Web pages for the domains and the malicious file needs have to be accessed directly. It is not known yet if the exact malicious URLs were spammed or linked from compromised Web pages.

The malware file served from this site is detected by Trend Micro as TROJ_FARFLI.EY.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Friday, November 9th, 2007 at 9:05 am and is filed under Malicious Sites, Malware . Responses are closed, but you can trackback from your own site.



Comments are closed.


The 3-Step (Infection) Program
Hidden IFRAMEs Launch Malware En Masse


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice