The following web sites contain Malware payloads:
All these sites share the same IP address 220.127.116.11 please make sure not to visit any of the sites as they uses Iframe and java scripts to push malwares on to your system.
Also reported by SecuBox Labs:
Also these sites were involved in the attack:
abc-powers.com -> the site dropped “ieupdater.exe” file
nt-users.com -> the site instructs the infected machine to download various files from the IP 18.104.22.168
22.214.171.124 -> downloads the following file
fbceeefbdede.com -> instructs to download files from deborah2.biz
deborah2.biz- > drops “wssl54.exe”
The malware does lots of damages to your system downloads zlob,vundo, rogue security applications, changes registry keys, changes host files and does many nasty things.
Please stay away from these sites.
Bharath M N