Select Page

Cyren Security Blog

Your new year’s resolution – avoid keygen and serial number sites

We came across this website offering cracks, keygens and serial numbers for various applications. As a rule, we advise users to avoid these sites as they clearly will want something in return for the “free information” (not to mention software copyright issues). The website http:/ /xpokey.com (provided by Worldstream, Netherlands) supposedly offers a wide collection of cracks, keygens and serials for several applications. The site offers downloads as shown below.

Clicking the download link results in the download of a malicious file – not what the user expected to get. The downloaded files include an icon similar to Windows Media Player.

We detect these files as W32/FakeAlert.JE2.gen!Eldorado. These malicious files were hosted in various domain names but have a constant IP address.

Directly accessing the various domains where the malware is stored leads to a “Not Found” page:

So – when directly linking to a file you get a successful download – but otherwise the site is inaccessible. Clearly the site doesn’t give internet user’s an “Okey eXPerience” but a Malware encounter.

You might also like

LinkedIn Phish Kit

Scam Warning Back in January, LinkedIn posted a warning about connection requests from individuals impersonating employees of a legitimate organization. These requests come from newly created accounts. If someone accepts the request, the attackers will have more...