Short story: block hxxp://wxx.supertrafficvirus.c0m
Long story:
While doing some surfing (wifi hotspot) my page changed and I received a popup stating that my system shows signs of virus infection. I am not sure if I accidentally clicked an ad or was redirected via a script as I was not running noscript in Firefox. (I was on my Ubuntu laptop.) Clicking the red x in the box (I do not know the equivalent of alt-F4 for Linux) moved me to a page that shows an XP "My Computer screen" and what appears to be a flash video of the site "scanning" my PC. LOL! I didn't know my Ubuntu looked like XP! And look at all those w32/win32 viruses I have! [8-)]
I closed the tab and took a look at my cache looking for what happened. I found several related images and a few zip files that I could not extract... "empty file" errors even though it showed the files inside was more then 50k.
After checking, I found that the site is not (as of last night) currently blocked by Astaro unless you have blocked uncategorized sites. So if you do not block uncategorized, then block this site:
hxxp://wxx.supertrafficvirus.c0m
I have submitted it to several blocking sites, research sites, AV sites and of course the filter that Astaro uses.
I did do a look up on DNSstuff.com and it was registered the day after Christmas with obviously bogus info.
I keep my Windows PC's up to date using Secunia's PSI and of course Windows updates. I also keep my destktop AV up to date. All my Windows PC's run with Sandboxie any time IE or Firefox is used. But still, I was very glad that this happened to me on my Linux laptop and not my Windows PC's!
C68
Update: After checking again just a few minutes ago... it is blocked by Astaro.
hxxp://wxx.supertrafficvi ... Categorized URL - Malicious Sites High Risk
This thread was automatically locked due to age.
