cancel
Showing results for 
Search instead for 
Did you mean: 
minder12
Level 7

Is McAfee0809.site/acuk2 a bonifide McAfee site

Is http://mcafee0809.site a bonifide McAfee site?

Seems it won't allow video embed

  - YouTube link removed by moderator because it is suspect. See below. 

as I got this last week when it took over my browser.

Message was edited by: Peter Freeman

0 Kudos
12 Replies
Hayton
Level 18

Re: Is McAfee0809.site/acuk2 a bonifide McAfee site

Investigating .... Done.

You may have entered the URL incorrectly, but I got it anyway.  It's not valid, it's not legit, it's a malicious malware site.

Detected by Norton Safe Web which lists 9 instances of malicious javascript : here's yours and another one

Threat Name:

Web Attack: Malicious JavaScript Redirection 2

Location:

http://mc.afee0909.site/h1/index.html

Threat Name:

Web Attack: Malicious JavaScript Redirection 2

Location:

http://mc.afee0909.site/acuk2/index.html

See Web Attack: Malicious JavaScript Redirection 2: Attack Signature - Symantec Corp.

I don't know what the McAfee detection of this would be but I think you've got the idea.

By the way, what were you doing before you encountered this? I ask because that YouTube link brought up a black rectangle and a message that said, "Warning! Your hard drive will be deleted!" - so I killed the tab without scrolling down to the comments. Poisoned YouTube comments used to be a common vector for infection.

Just to be on the safe side I'm taking out that YouTube link. You never know. If you're prepared to vouch for it, we might find someone to run it in a sandbox on a VM.  Me, though, no.

0 Kudos
Hayton
Level 18

Re: Is McAfee0809.site/acuk2 a bonifide McAfee site

The domain is rated High Risk on TrustedSource.

I've added a warning review for it on WOT - https://www.mywot.com/en/scorecard/mc.afee0909.site

TS rating.PNG

0 Kudos
minder12
Level 7

Re: Is McAfee0809.site/acuk2 a bonifide McAfee site

I have examined the URL several times  and it is mcafee0809.site as you can clearly see on the top of the browser in the video if you had enlarged the screen.

I will change the tittle of the video as it appears to have  caused some confusion here.  I have changed it to  'Is it Mcafee?'    I captured the screen with Corel screen capture at the onset of problems ...it is not in VB but a video in wmv format showing what happened at that time and uploaded to youtube.

I was searching archives in a help forum when it appeared as can also be seen in the browser tabs at the top of the video.  If you need to retrieve the video to run in a sandbox you are welcome

I'm not sure if this new tittle will have changed it's URL or not.  I am and was using McAfee Internet security at that time.  I checked with the site http://www.isitdownrightnow.com which shows this 'mcafee0809.site to be up and running when last checked.

site%20up.JPG

0 Kudos
Hayton
Level 18

Re: Is McAfee0809.site/acuk2 a bonifide McAfee site

Nope, here's what my ISP returns for that URL -

"Sorry, the website mcafee0809.site cannot be found"

Google doesn't know about it either.

I get the same result as you from the IsItDown site, which is curious. I need to eat now but I'll return to this later.

What I will say now is that any domain with the ".site" suffix is an Unrestricted Domain - sold cheap by outfits like NameCheap and GoDaddy. McAfee would never be using one of those domain suffixes, they're for personal and small business use. That's the answer to your main question, is the site an official McAfee one : the answer is No.

0 Kudos
minder12
Level 7

Re: Is McAfee0809.site/acuk2 a bonifide McAfee site

Maybe it's on IPV6 and using a tunnel

0 Kudos
Hayton
Level 18

Re: Is McAfee0809.site/acuk2 a bonifide McAfee site

Still looking into this. The investigation has widened, but the basic question is answered.

Several similar domains with the ".site" suffix registered within the past 8 weeks, all through offshore companies and ownership details withheld or unavailable. That alone is reason to suspect them of being set up for malicious purposes.

If you can send me the YouTube link by Private Message I'll look at it again. The rule of thumb on the forums is to remove any link that is or even might be risky for the casual user to click on. If a mod wants to investigate we can go in prepared. I don't have much time for doing this though so following the trail of those .site domains takes priority for now.

0 Kudos
minder12
Level 7

Re: Is McAfee0809.site/acuk2 a bonifide McAfee site

Well tried to send a msg to Hayton, but send a private msg requires me to send a msg to more than one recipient  for what ever reason

So I will reply to you here and you can then delete the msg after you have got the details

The video in question is Is it McAfee? - YouTube

0 Kudos
exbrit
Level 21

Re: Is McAfee0809.site/acuk2 a bonifide McAfee site

The sending message list includes yourself so it would appear to be 2 participants.

That blue screen page appears to be malicious ransomware and the best solution if you see that is NOT TO TOUCH ANYTHING other than the power switch.

Then reboot into Safe Mode and try to wind back the clock using System Restore or any disk backup you may have.

​ will add to this I am sure..

0 Kudos
Hayton
Level 18

Re: Is McAfee0809.site/acuk2 a bonifide McAfee site

The basic question has been answered, it's not a McAfee site. Any domain with a "Dot-Site" suffix is small-time, not one set up by the majors.

I still have this on my to-do list but that list is pretty full right now. It's a case of As-and-When, I'm afraid.

0 Kudos