Mefuli-search2016.com

By CagedTech in Browser Hijackers

Threat Scorecard

Threat Level: 50 % (Medium)
Infected Computers: 4
First Seen: October 4, 2016
Last Seen: January 9, 2019
OS(es) Affected: Windows

Mefuli-search2016.com is a dubious domain that is reported to be used with bot networks. Bot networks consist of computers that have been compromised by threats like Phase Bot and can be used as proxies, as spam bots, and to launch DDoS attacks. Access to Mefuli-search2016.com is blocked by most AV vendors and Internet filters like Websense ThreatSeeker, Sucuri and Google Safe Browsing. Experts warn that the Mefuli-search2016.com domain can be used to deploy threats, and it is not a good idea to ignore security warnings and load the site. Mefuli-search2016.com is registered to the 85.25.197.209 IP address, and a quick search revealed that Mefuli-search2016.com has more than a few clones. We have found that the content and problems on Mefuli-search2016.com are identical to those on the following sites:

Experts strongly advise against interaction with the content on Mefuli-search2016.com and its clones. AV vendors and network filtering services report suspicious connections to the 85.25.197.209 IP address and threat activity associated with it. It appears that the Mefuli-search2016.com site is used as a communication hub and a tool to manage HTTP connections to compromised computers. Ransomware is the trending threat in 2016, and developers may use pages like Mefuli-search2016.com to spread threats like the JohnyCryptor Ransomware and the HCrypto Ransomware. We have received reports that Mefuli-search2016.com may be opened automatically in the browser. That suggests a browser hijacker may be involved with Mefuli-search2016.com, and that a third-party program may be used to connect users to Mefuli-search2016.com without their knowledge. Computer users should use a trusted anti-malware suite to scan their machines for software linked to Mefuli-search2016.com and remove threats that may exchange data with the 85.25.197.209 IP address.
