Tuesday, September 15, 2015

Post #8 (Or... "WARNING!! Malware.Vicious.A EXE Found In System! Super Cleaning Immediately Advised!")

I have finally completed my research for this post. It has been more than half a year since I started collecting artifacts and samples of what ESET refers to as HTML/FakeAlert, and multiple more late nights of data extraction, organization, and correlation, but it is finally finished.

What you will see below is the data I gathered and manipulated from every instance of the above-stated alert that I could find. There are listings of raw, just-the-facts data, as well as some contrasts and comparisons.


Please bear in mind that all of this was done with whatever data I could get my hands on, and all of it was done in my spare time. I do not propose that this little project in any way accurately represents anything close to the proverbial "Big Picture", but it was definitely fun to put together and play with.

I hope you all enjoyed the read


So, this will be a single "post", but I will update it over time. I am adding a spoiler, because with all the images added over time, it will grow massive.

I am collecting tech support scam items! Screenshots, URLs, HTML files if I can get it, etc. will all be added here. I am nothing short of impressed at the sheer numbers of variations of domain names, phone numbers, images, etc. that these campaigns employ. That having been said, they tend to disappear just as quickly as they are set up. I want to capture them here for historical purposes, as well as to possibly correlate data for any patterns (domain registrant e-mail addresses, registrars, phone numbers, phraseology, etc.)

See below for content!

No comments:

Post a Comment