The site nic.cz.cc has been blocked! I don’t see a reason why it should be while other cz.cc sites are allowed. There is no option on Avast to block false positive on URL alert!
Report 2011-07-07 11:44:27 (GMT 1)
Website nic.cz.cc
Domain Hash f90bda8d700a724306d75ad0d713baa4
IP Address 207.58.177.96 [SCAN]
IP Hostname nic.cz.cc
IP Country US (United States)
AS Number 25847
AS Name SERVINT - ServInt
Detections 1 / 23 (4 %)
Status SUSPICIOUS
Trend Micro Site Safety Center DETECTED
Report 2011-07-07 03:05:47 (GMT 1)
IP Address 207.58.177.96
IP Hostname nic.cz.cc
IP Country US
AS Number N/A
AS Name N/A
Detections 5 / 26 (19 %)
Status DANGEROUS
Autoshun DETECTED
Emerging Threats DETECTED
MyWOT DETECTED
Threat Log DETECTED
ZeuS Tracker DETECTED
Such false doesn’t matter much, since cz.cc is root of all evil, right?
I though it was co.cc, which is a hosting service, 2 free sub domains and 15000 sub domains for $1000. This is meant to be where much of the malware hosting is going on; so much so that google is considering blocking (not adding) any co.cc domains to the search index.
There’s tons of such… cz.cc, co.cc, co.be, ce.ms…
Perhaps this is something that we(avast!) should put a flag on those domains and sub-domains in the WebWep, at the least Orange/Yellow for search results, etc. If they really are the devils spawn ;D
True. Btw, it’s not only considered, but already done.
http://forum.avast.com/index.php?topic=66267.msg663445#msg663445
.cc is the country code for the Cocos (Keeling) Islands. The co.cc service is not an official subdomain of .cc, like .co.uk or .org.uk, but a privately registered service. Other users of .cc are not affected; the Arduino.cc domain for the open source electronics platform is not affected by Google's index changes and can still be searched for.