Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Your new year’s resolution – avoid keygen and serial number sites

We came across this website offering cracks, keygens and serial numbers for various applications. As a rule, we advise users to avoid these sites as they clearly will want something in return for the “free information” (not to mention software copyright issues). The website http:/ /xpokey.com (provided by Worldstream, Netherlands) supposedly offers a wide collection of cracks, keygens and serials for several applications. The site offers downloads as shown below.

Clicking the download link results in the download of a malicious file – not what the user expected to get. The downloaded files include an icon similar to Windows Media Player.

We detect these files as W32/FakeAlert.JE2.gen!Eldorado. These malicious files were hosted in various domain names but have a constant IP address.

Directly accessing the various domains where the malware is stored leads to a “Not Found” page:

So – when directly linking to a file you get a successful download – but otherwise the site is inaccessible. Clearly the site doesn’t give internet user’s an “Okey eXPerience” but a Malware encounter.

You might also like

What is Microsoft Office 365 Advanced Threat Protection?

Office 365 Advanced Threat Protection (also known as ATP and Defender) can provide your organization with advanced security features - keeping you protected from cybersecurity threats. With today's cybersecurity landscape, where new threats appear daily, if not...