Ruyatabirler site - VIRUS INFECTION

Garreg Ddu

Gweinyddwr
Staff member
Another site similar to ITIGUAIRA has been found, with the same virus payload.


Please DO NOT ATTEMPT TO VISIT any site with Ruyatabirler in its name

It is infected with the EXPLOIT-YIMCAM virus.
 

Garreg Ddu

Gweinyddwr
Staff member
The site is at URL http://www.ruyatabirler.com/

The latest McAfee SiteAdvisor report give the site a clean bill of health, with no Virus, Trojan or hidden nasties. There is one report of spamming emails from the site, apparently related to a vacation/holiday sales site.

NetCraft reports it as OK, with only minor problems with pop-ups and accessibility.

Hosting is at IP Address 95.168.176.176, by Smyrna Telek. Int. ve Bilg. Hiz Ltd. in Turkey. The site language is Turkish with no other languages apparent.

The registration is fairly recent, and "Privacy Protected":

ruyatabirler.com
Registration Service Provided By: WWW.ISIMTESCIL.NET
Contact: +90.2163299393


Domain Adi: RUYATABIRLER.COM
Bitis Tarihi: 01-Jun-2011
Kaydedilme Tarihi: 01-Jun-2009
Domain Durumu: ACTIVE


DNS Sunucular:

resell01.alastyr.com
resell02.alastyr.com


Kaydedicinin Iletisim Bilgileri

PrivacyProtect.org
Domain Admin (contact@privacyprotect.org)
P.O. Box 97
Note - All Postal Mails Rejected, visit Privacyprotect.org
Moergestel
null,5066 ZH
NL
Tel. +45.36946676

Yoneticinin Iletisim Bilgileri

PrivacyProtect.org
Domain Admin (contact@privacyprotect.org)
P.O. Box 97
Note - All Postal Mails Rejected, visit Privacyprotect.org
Moergestel
null,5066 ZH
NL
Tel. +45.36946676

Teknik Yetkilinin Iletisim Bilgileri

PrivacyProtect.org
Domain Admin (contact@privacyprotect.org)
P.O. Box 97
Note - All Postal Mails Rejected, visit Privacyprotect.org
Moergestel
null,5066 ZH
NL
Tel. +45.36946676

Odeme Yetkilisinin Iletisim Bilgileri

PrivacyProtect.org
Domain Admin (contact@privacyprotect.org)
P.O. Box 97
Note - All Postal Mails Rejected, visit Privacyprotect.org
Moergestel
null,5066 ZH
NL
Tel. +45.36946676

PRIVACYPROTECT.ORG is providing privacy protection services to this domain name to
protect the owner from spam and phishing attacks. PrivacyProtect.org is not
responsible for any of the activities associated with this domain name. If you wish
to report any abuse concerning the usage of this domain name, you may do so at
http://privacyprotect.org/contact. We have a stringent abuse policy and any
complaint will be actioned within a short period of time.


The matching "ruyatabirler.org" site reverts to a hosting advertising search site, and there is a message that the domain may be for sale. No threats are present.
 
Top