Holger over at MDL has warned of a new impersonator, whose sole purpose is to infect the living daylights out of those that unwittingly mistype the MDL domain. The impersonator is;
Which takes you to a fake warning at;
This leads to the payment page at;
Which redirects to:
The certificate for this one is provided by Thawte (seems these certification authorities aren't learning .......).
IP: 220.127.116.11 (previously at: 18.104.22.168)
Attention !! Malwaredomainlist(s).com distributes Rogue AV
hpHosts - malwaredomainslist.com