<<< NEWS FROM THE LAB - Monday, August 3, 2009 >>> ARCHIVES | SEARCH Rogue AV Using Malware Domains List Posted by Alia @ 06:15 GMT Malware Domains List (MDL) is a popular website among security professionals and others interested in IT security. Now a rogue antivirus promoter seems to have latched onto its popularity by setting up a website on a URL very close to MDL's domain.



Visitors expecting to see this:







May instead end up seeing the following:







Note the difference in the URL between the legitimate website and the fake.



Despite a few grammatical errors, the warning does a decent job of looking like a legitimate notice from Firefox. Compare it to the (legit) one below:







Note the "Get security software" button on the malicious website's "warning" message. If clicked, the user is directed to a website promoting a rogue antivirus solution.



You can read more about it at http://www.malwaredomainlist.com/forums/index.php?topic=3188.









