FYI...
Urgent Block: NoS.fileave[dot]com and dota2trailer[dot]tk
- http://www.malwaredomains.com/wordpress/?p=1537
January 6th, 2011 - "From the Internet Storm Center*: "dota2trailer .tk claims to have a video trailer for the new Dota 2 game but instead installs a keylogger to steal credentials from gamers… Looking at the code on the site it does try to use java to download “hxxp://NoS. fileave. com/CamPlug.exe” These sites will be blocked on tonight’s update but you shouldn’t wait…"
Fake Game Demo website
* http://isc.sans.edu/diary.html?storyid=10228
Last Updated: 2011-01-06 21:10:19 UTC - "... VirusTotal's url check* didn't show -any- known maliciousness associated with that url..."
* http://www.virustotal.com/url-scan/r...012-1294334566
Submission date: 2011-01-06 18:22:46 (UTC)
Antivirus report: View downloaded file analysis
Webscan result: 0/6 (0.0%)
[ Firefox Clean site, G-Data Clean site, Google Safebrowsing Clean site, Opera Clean site, ParetoLogic Clean site, Phishtank Clean site ]
- http://www.virustotal.com/file-scan/...4bf-1294358709
File name: CamPlug.exe
Submission date: 2011-01-07 00:05:09 (UTC)
Result: 2/43 (4.7%)
1) http://www.mywot.com/en/scorecard/nos.fileave.com
Spam - 1
2) http://www.mywot.com/en/scorecard/dota2trailer.tk
Spam - 1 / Browser exploit - 2