Holger over at MDL has warned of a new impersonator, whose sole purpose is to infect the living daylights out of those that unwittingly mistype the MDL domain. The impersonator is;
Which takes you to a fake warning at;
This leads to the payment page at;
Which redirects to:
The certificate for this one is provided by Thawte (seems these certification authorities aren't learning .......).
IP: 126.96.36.199 (previously at: 188.8.131.52)
Attention !! Malwaredomainlist(s).com distributes Rogue AV
hpHosts - malwaredomainslist.com