Author Topic: - dangerous exploit installer/typosquatter  (Read 15093 times)

0 Members and 1 Guest are viewing this topic.

January 04, 2014, 06:11:41 pm
Read 15093 times


  • Newbie

  • Offline
  • *

  • 1
The domain (soundcloud without the final "d") is serving malware, specifically a variant of the DomainIQ installer, disguised as a "soundcloud plugin." When a user accesses the site, it immediately redirects to, which attempts to install the exploit. Exploits Exploits

I have a copy of the exploit file, if anyone wants it.

The domain is obviously preying on users who mistype the URL for, for the purpose of installing an exploit on their system. I believe this is called typosquatting.

This domain has nothing to do with the company Soundcloud, and is registered in Panama. WHOIS is stealthed. I have alerted Soundcloud to the problem so they can also take action if they choose.

January 08, 2016, 01:44:02 pm
Reply #1


  • Newbie

  • Offline
  • *

  • 2
hello thanks for your post please i want doc exploit spy and i also want need an exploits that i can use to convert my exe file to doc or pdf

January 09, 2016, 04:33:18 pm
Reply #2


  • Special Access
  • Full Member

  • Offline
  • *

  • 61
You can upload it/them ( samples ) to  and mark the submission that it was based upon a request from MDL.


January 29, 2016, 04:59:14 pm
Reply #3


  • Newbie

  • Offline
  • *

  • 2
Hmmm... This (hxxp:// redirected me to a Browlock.fakeTechSupport with the following message:

"Important security message. Please dial the number provided ASAP. You will be guided for the removal of the adware/spyware virus on your computer..."

Blah blah blah.
No exploit seems to be hosted on this site.

The other url posted here is currently offline.

February 25, 2016, 07:57:56 am
Reply #4


  • Newbie

  • Offline
  • *

  • 9
    • Blacklists For Squid Proxy & More.
Blacklist them anyway, its still a scam, a con, a phish attempt.
There is a demand for a better blacklist, we intend to fill that gap.

Benjamin E. Nichols