"secure.a5bill.com" is hosted on the same IP as the following and all the downloads are detected as Win32/Adware.CoreguardAntivirus
coreguard-antivirus. com
guardlab2009. biz
guardlab2009. net
guardlab2009. com (Google Diagnostic report)
Some of the others on the above list are using:
fullguardlab. com
== Server Certificate ==========
[Subject]
CN=fullguardlab. com, OU=Free SSL, OU=Hosted by LiderTelecom LTD, OU=Domain Control Validated
[Issuer]
CN=EssentialSSL CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
[Serial Number]
00912B6C954BB5BEA83000C4599B9A5C13
bitcoreguard. com
== Server Certificate ==========
[Subject]
CN=fullguardlab. com, OU=Free SSL, OU=Hosted by LiderTelecom LTD, OU=Domain Control Validated
[Issuer]
CN=EssentialSSL CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
[Serial Number]
00912B6C954BB5BEA83000C4599B9A5C13
-------------------------------------------------
So this got me to thinking ... a while back (04-21-09) I reported to Comodo via their secret address a list of sites distributing malicious software ... although I never received a reply as I did when I reported "Conficker systems being updated with SpywareProtect2009" which Comodo had issued a certificate to.
Anyway ... I went back and checked the sites I last reported and it seems Comodo has decided to ignore my report ...
rapid-antivir-2009. com
rapid-antivir2009. com
rapid-antivirus2009. com = all redirect to:
Read more
http://msmvps.com/blogs/hostsnews/archive/2009/05/16/1692519.aspx
Kudos to Donna for the heads up! She wrote:
All I can say is Comodo products need NO support at all. If they continue to earn money from these malware/rogue authors by issuing certificates, or if their free certificates give them “popularity” (to attract potential paying customers), then how will the fight against rogue/malware succeed if a known security vendor does that?
Which is why CoU and LandzDown stopped posting update information on Comodo Internet Security Suite/Free firewall, because Comodo, Symantec, Webroot, StopZilla, BitDefender and ZoneLabs have partnered with Ask.com, which, as we all know, is an unwanted and questionable company for continuing to push/host spyware/adware stuff using different domains or part of their business.
Read more
http://msmvps.com/blogs/donna/archive/2009/05/16/comodo-continue-to-issue-certificates-to-known-rogue-malware.aspx