Adware Spyware (7)
DOS Commands (1)
Internet Explorer (217)
Media Center (12)
Media Player (11)
Mozilla Firefox (18)
Windows 10 (166)
Windows 7 (636)
Windows 8 (1091)
Windows Phone (33)
Windows Server 2008 (165)
Windows Server 2012 (84)
Windows Server 2016 (23)
Windows Vista (52)
"055BCCAC9FEC" Malware from Yahoo! Mail
What is "055BCCAC9FEC" Malware from Yahoo! Mail?
"055BCCAC9FEC" Malware from Yahoo! Mail is a recent variation of the "055BCCAC9FEC" Malware. The earliest report of this variation was on December 13, 2017, see "Ominous screen showed in Chrome" post at malwarebytes.com.
Based reported cases, users will see false security alert popup boxes while using Yahoo! Mail displayed on top your browser screen. A warning message is printed in the popup box with a red background saying:
Internet Security Alert Code: 055BCCAC9FEC Internet Security Alert: Your Computer Might Be Infected By Harmful Viruses. Please Do Not Shut Down or Reset Your Computer. The following data might be compromised if you continue: 1. Passwords 2. Browser History 3. Credit Card Information 4.Local Hard Disk Files. These viruses are well known for identity and credit card theft. Further action on this computer or any other device on your network might reveal private information and involve serious risks. Call Windows Technical Support: (888) 466-6458 (Toll Free).
Sometimes users may hear a recorded audio message reading the above warning message.
On top of the pop up box, users may see another login screen that says:
A username and password are being requested by http://18.104.22.168. The site says: "Internet Security Alert: Your Computer Might Be Infected By Harmful VirusesnCall Windows Technical Support: (888) 466-6458 (Toll Free)" User Name: Password:
The URL of this login box might be: "http://22.214.171.124/as/ff/indexx.php?pn=KDg4OCkgNDY2LTY0NTg=". The last part of the URL "KDg4OCkgNDY2LTY0NTg=" is actually the Base64 encoded version of the phone number: "(888) 466-6458".
Sometimes the login box might have this URL: "http://curationservices.com/in/advu126126128811/" with an IP address of 126.96.36.199.
Sometimes the fake alert might have this URL address: "http://188.8.131.52/as/?c5a3158982df0foftfn1d5a3158982df59=(888)%20466-6458".
If you see this type of fake alert, just power off and restart your computer. Scan it with Windows Defender to remove any malicious items. Do not call the given phone number.
The picture below shows you a screenshot of a "055BCCAC9FEC" Malware
fake alert from triggered from Yahoo! Mail:
â‡’ "RDN/YahLover.worm!055BCCAC9FEC" Malware
â‡ What Is "055BCCAC9FEC" Malware
â‡‘ Fake Alerts and Tech Support Scams
â‡‘â‡‘ Windows 8 Security Tutorials
2018-02-08, 3566👍, 1💬
Can I disable Windows service "Broadcom ASF IP monitoring service v6.0.3" to speedup my computer? Wi...
How to install Apache server on Windows systems? If you followed our downloading Apache server tutor...
Using Columnar as the layout for a form as shown in the previous tutorial is good to enter new recor...
How to remove DLG.exe from the startup application list to gain performance and reduce security risk...
Can I disable Windows service "Network DDE" to speedup my computer? Microsoft application service "N...