[MALWARE:] rev dot opentransfer dot com

Talk about internet security, computer security, personal security, your social security number...
Post Reply
monetandme
Posts: 3
Joined: Wed Jan 05, 2011 3:41 am

[MALWARE:] rev dot opentransfer dot com

Post by monetandme » Sat May 26, 2012 5:42 pm

Just saw this in this great program called

Code: Select all

DiamondCS Port Exploror
, lets me know the slogs that are locking my browser when they come into my system. I came across this blurb and wonder how to defend against it.

Code: Select all

rev.opentransfer.com.141.104.0.96.in-addr.arpa.
I am running AVG and Outpost, thought tea timer was running but something knocked that out. Any suggestions?
Last edited by Tom T. on Tue May 29, 2012 6:42 am, edited 2 times in total.
Reason: mild sanitization
Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101 Firefox/12.0

User avatar
therube
Ambassador
Posts: 7521
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: rev.opentransfer.com

Post by therube » Sun May 27, 2012 12:54 pm

What blurb is that?
Does Diamond have forums?
What is it that Diamond does?
NoScript blocks JavaScript from all sites not specifically (or defaulted) Allowed.
Suppose you could uses a HOSTS file entry to block access to it, but then you'd have a never ending list, IMO.

Explorer.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20120521 Firefox/14.0a2 SeaMonkey/2.11a2

Tom T.
Field Marshal
Posts: 3620
Joined: Fri Mar 20, 2009 6:58 am

Re: rev.opentransfer.com

Post by Tom T. » Tue May 29, 2012 6:39 am

Web search for rev.opentransfer.com shows numerous malware listings, e. g.
http://www.malwaredomainlist.com/mdl.php?inactive=&sort=IP&search=&colsearch=All&ascordesc=DESC&quantity=100&page=0

Code: Select all

2011/02/24_21:26   rolemodelstreetteam.invasioncrew.com/raazuc/Dossier-For-M   98.131.132.1   rev.opentransfer.com.1.132.131.98.in-addr.arpa.   Compromised site leading to fake AV   Invasion Crew / sandy@invasioncrew.com

What is DiamondCS Port Explorer?
Port Explorer is a socket analysis and exploration utility designed for both novice and advanced users alike

The post appears to be spam for Diamond CS, whose reputation is not so good:
http://www.wilderssecurity.com/showthread.php?t=159189
Paul Wilders
Administrator

Join Date: Jul 2001
Location: The Netherlands
Posts: 12,463
Default DiamondCS Support Forums closed
Dear members,

During the existance of this board, we have been and still are providing room as well as bandwidth for several security software companies, focussed on hosting their Official Support Forum(s). Part of this service was and still is: frequent and solid support provided by official representatives from those companies, both over on this board as well as company customer care is concerned.

In this context, we are sad to announce DCS does no longer live up to the standards set as mentioned above, although we have provided the company in question quite a long time to live up to those standards again.

As a result, we have no choice left other then closing as well as archiving all (sub)forums from DCS. We do advise those having paid for software but never received keys, serial numbers, etc. to contact the appropriate channel(s) in order to get a refund.

The DCS softwares are allowed to be discussed in other appropriate forums over on this board. Keep in mind though, there's no official backup anymore from company representatives and therefore, don't expect official company responses.

In closing: we do regard this decision a very difficult - but needed one. In the end, we do have to make sure the standards from this board are respected for the benefit of members, lurkers, and last but not least, this board. Closing down and archiving the DCS (sub)forums is - sadly - the only way to do so.

On behalf of the staff,
Paul Wilders



@ OP: Can you justify your post? Else, it is spam; it will be deleted, and you will be banned for posting to recommend a paid product, especially one which seems to be poorly regarded by reputable sources. The question of how to defeat the other site listed is simple, as therube said: Don't allow it in NoScript, and don't go there.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/12.0

Post Reply