Unbaskufgb.ml

By GoldSparrow in Browser Hijackers

Translate To:

The Unbaskufgb.ml domain is used in a technical support tactic that aims to trick Spanish-speaking users into calling a fake Microsoft help desk. The Unbaskufgb.ml domain hosts misleading warnings that are shown as pop-up windows and promote computer help services via the 900-861-783 and a few other toll-free phone lines. The Unbaskufgb.ml warnings are customized versions of fake security alerts that are aimed at English-speaking users. We have found that the Unbaskufgb.ml pop-ups feature the following text:

'ID de Rederencia: {NETW09}
SU ORDENADOR MICROSOFT HA SIDO BLOQUEADO
Alerta del sistema de Windows !!!! El sistema ha sido infectado por un errar inesperado.
Piagase en contacto con Microsoft 900861 783 (LLAMADA GRATUITA) inmedlatammte para desbloquearei ottlenadort
Falta de registro operativo.
Código de Error: NORPOPI7
LLAME INMEDIATAMENTE A MICROSOFT 900 861 783 (LLAMADA GRATUITA)
EL SISTEMA DE ARCHIVOS DE DATOS ESTA EN RIESGO :
> Los SIM/CIOS del sistema no pueden embalar
> El disco duro está a ponto de chocar
> Posible falto en el registro
> Los archives DI.L corrompe
> Las reflexiones extranjeras detectadas
LLAME INMEDIATAMENTE A MICROSOFT 900 861 783 (LLAMADA GRATUITA)'

Here is a translation in English of the same message shown above:

'Redirection ID: {NETW09}
YOUR MICROSOFT COMPUTER HAS BEEN BLOCKED
Windows system alert !!!! The system has been infected by an unexpected error.
Contact Microsoft 900861 783 (CALL FOR FREE) immediately to unlock right now
Lack of operational record.
Error code: NORPOPI7
CALL IMMEDIATELY TO MICROSOFT 900 861 783 (TOLL FREE)
DATA FILE SYSTEM IS AT RISK:
> System SIM / BIOS can not load
> Hard disk is about to crash
> Possible registry failure
> DLL archives are corrupted
> Remote access detected
CALL IMMEDIATELY MICROSOFT 900 861 783 (TOLL FREE)'

The Unbaskufgb.ml domain is registered to the 160.153.128.5 IP address, and we discovered that it has nearly a dozen clones that include the following domains:

ghfbdsjhgfcdhgf[.]tk, hainsl[.]ml, hiahiosglfi[.]tk, idhgoiergh[.]ga, sdghytrfbnhgf[.]gq, opauhba[.]ga, abkantkalip[.]net, qoqniwn[.]tk, zhjdiudk[.]ml, vilanbcaoi[.]ga, passhiab[.]ga, kamlskl[.]ml, hanksnl[.]

There may be more pages linked to the 'Error code: NORPOPI7' technical support tactic and we recommend users report similar pages via the page report system in their browser. The 'Error code: NORPOPI7' pop-up windows may welcome users to call a help desk that is supposed to be operated by Microsoft. However, the information provided by Unbaskufgb.ml and its clones is not to be trusted. Microsoft Corp. does not own or operate Unbaskufgb.ml and the 'Error code: Legitimate cybersecurity solutions do not produce NORPOPI7' warnings. It is best to avoid the Unbaskufgb.ml domain, and you might wish to scan your PC for files that may cause browser redirects to untrusted locations like Unbaskufgb.ml. AV engines tag the objects related to Unbaskufgb.ml as:

JS:Trojan.Cryxos.1121
JS:Trojan.Cryxos.D461
Trojan ( 001bb56b1 )
Trojan.Script.AgtLocker.enkjdo
Trojan[Dropper]/VBS.Agent.bp
VBS/Ramnit.abcd
Win32/Trojan.0d9
malware (ai score=87)

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Unbaskufgb.ml

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen