polonus
Hi WayneHuang,
There certainly is some issue there, see: http://urlquery.net/report.php?id=4717
mail dot waplove dot cn waplove dot cn mobile malware command and control server …
www dot myspacemp3 dot org 95.215.60.37 piracy base3 dot 3cliks dot srv dot br - this malware issue was from June last -http://doc.emergingthreats.net/pub/Main/RussianBusinessNetwork/RBN_IP_List_Update_6-19-2011.txt notorious malware site, so site status possibly suspicious and compromised this was there and now mitigated to 93.114.40.112 (previous 209.44.103.29) site rep: Suspicious [2 / 6]
while sucuri gives it clean here:
web site: -http://www.kat.ph/releases/
status: Verified Clean
web trust: Not Blacklisted
But see: http://www.urlvoid.com/scan/kickasstorrents.com
Mafia Wars Info stealer activity, see also: http://hosts-file.net/?s=kickasstorrents.com
Classification EMD (malware activity etc.)
Also see: http://google.com/safebrowsing/diagnostic?site=kat.ph
Furthermore consider:
-http://ad.adperium.com/st?ad_type=iframe&ad_size=728x90&section=655765
the malware comes/came from -http://91.216.3.108/ca1/index.php via “Multiple Adobe Reader and Acrobat buffer overflows”.
see: http://wepawet.iseclab.org/view.php?hash=1698072b7a5718dae7b1049ffe4aab2a&t=1273513777&type=js
Could have been cleansed in the meantime, see: http://urlquery.net/report.php?id=5241
polonus