"055BCCAC9FEC" Malware from Yahoo! Mail

Q

What is "055BCCAC9FEC" Malware from Yahoo! Mail?

✍: FYIcenter.com

A

"055BCCAC9FEC" Malware from Yahoo! Mail is a recent variation of the "055BCCAC9FEC" Malware. The earliest report of this variation was on December 13, 2017, see "Ominous screen showed in Chrome" post at malwarebytes.com.

Based reported cases, users will see false security alert popup boxes while using Yahoo! Mail displayed on top your browser screen. A warning message is printed in the popup box with a red background saying:

Internet Security Alert Code: 055BCCAC9FEC

Internet Security Alert: Your Computer Might Be Infected By Harmful Viruses.
Please Do Not Shut Down or Reset Your Computer.

The following data might be compromised if you continue:
1. Passwords
2. Browser History
3. Credit Card Information
4.Local Hard Disk Files.

These viruses are well known for identity and credit card theft. Further
action on this computer or any other device on your network might reveal 
private information and involve serious risks.

Call Windows Technical Support: (888) 466-6458 (Toll Free).

Sometimes users may hear a recorded audio message reading the above warning message.

On top of the pop up box, users may see another login screen that says:

A username and password are being requested by http://159.203.172.55.
The site says: "Internet Security Alert: Your Computer Might Be Infected 
By Harmful VirusesnCall Windows Technical Support: (888) 466-6458 (Toll Free)"

User Name: 
Password:

The URL of this login box might be: "http://159.203.172.55/as/ff/indexx.php?pn=KDg4OCkgNDY2LTY0NTg=". The last part of the URL "KDg4OCkgNDY2LTY0NTg=" is actually the Base64 encoded version of the phone number: "(888) 466-6458".

Sometimes the login box might have this URL: "http://curationservices.com/in/advu126126128811/" with an IP address of 165.227.66.73.

Sometimes the fake alert might have this URL address: "http://165.227.123.195/as/?c5a3158982df0foftfn1d5a3158982df59=(888)%20466-6458".

If you see this type of fake alert, just power off and restart your computer. Scan it with Windows Defender to remove any malicious items. Do not call the given phone number.

The picture below shows you a screenshot of a "055BCCAC9FEC" Malware fake alert from triggered from Yahoo! Mail:
055BCCAC9FEC Malware Fake Alert from Yahoo! Mail

⇒ "RDN/YahLover.worm!055BCCAC9FEC" Malware

⇐ What Is "055BCCAC9FEC" Malware

⇑ Fake Alerts and Tech Support Scams

⇑⇑ Windows 8 Security Tutorials

2018-02-08, 3957🔥, 1💬

"SynTPEnh Caller Service - SynTPEnhService.exe" Problem
Why am I getting the "R6030 - CRT not initialized" runtime error on my Lenovo Windows 7 computer? On your Lenovo Windows 7 computer, you see may get a runtime error box on your Lenovo Windows 7 computer that says: Microsoft Visual C++ Runtime Library Runtime Error! Program: C:\Program Files\Synaptic... 2018-01-13, 5952🔥, 0💬

"Intel Common User Interface - igfxtray.exe" Startup Program
What is the startup program "Intel Common User Interface - igfxtray.exe" on my Windows 7 computer? Can I remove it to speedup my computer and reduce security risk? "Intel Common User Interface - igfxtray.exe - igfxtray.exe" is the Intel Graphics Accelerator Helper. igfxtray.exe is a system tray bar ... 2018-01-19, 5857🔥, 0💬

"055BCCAC9FEC" Malware from Yahoo! Mail
What is "055BCCAC9FEC" Malware from Yahoo! Mail? "055BCCAC9FEC" Malware from Yahoo! Mail is a recent variation of the "055BCCAC9FEC" Malware. The earliest report of this variation was on December 13, 2017, see "Ominous screen showed in Chrome" post at malwarebytes.com. Based reported cases, users wi... 2018-02-08, 3958🔥, 1💬

💬 2018-02-08 Mike: Thanks for the information. I got the problem today.

"RDN/YahLover.worm!055BCCAC9FEC" Malware
What is "RDN/YahLover.worm!055BCCAC9FE C"Malware? "RDN/YahLover.worm!055BCCAC9FE C"Malware is an older variation of the "055BCCAC9FEC" Malware. see Remove RDN/YahLover.worm!055BCCAC9FEC Fake Alerts (Scam) The fake alert shows a slightly different warning message: web-alrt-phsng-atck.xys says: ******... 2018-01-06, 3036🔥, 0💬

Phone Numbers Used in "055BCCAC9FEC" Malware
What are phone numbers used by scammers of 055BCCAC9FEC" Malware fake alert? There are a large number of phone numbers used by scammers of 055BCCAC9FEC" Malware fake alert. For example, the following is a list of known "1 888" phone numbers used by scammers: 1-888-202-8995 1-888-204-3985 1-888-204-7... 2018-01-08, 2798🔥, 0💬

'Realtek Audio Service - RtkAudioService64.exe' Service on Windows 7
What is "Realtek Audio Service" in my Windows 7 service list? And how is "Realtek Audio Service" service related to RtkAudioService64.exe? "Realtek Audio Service" is a Windows 7 service that is a device driver for the Realtek HD Audio Card. "Realtek Audio Service" service is provided by RtkAudioServ... 2018-01-13, 2694🔥, 0💬

Fake Popups Used in Tech Support Scams
What is fake popup dialog box used in Tech Support Scams? Sometimes malicious Websites uses fake popup dialog boxes to display fake security alerts as part of a tech support scam. The picture below shows you a fake popup dialog box: The fake popup dialog box is not a true dialog box. It is actually ... 2018-01-06, 2644🔥, 0💬

What Is "055BCCAC9FEC" Malware
What is "055BCCAC9FEC" Malware? "055BCCAC9FEC" Malware is a group of harmful programs and Websites that redirects you to fake alerts containing the "055BCCAC9FEC" error code: ... Internet Security Alert Code: 055BCCAC9FEC Internet Security Alert: Your Computer Might Be Infected By Harmful Viruses. P... 2018-01-06, 1855🔥, 0💬

Fake Browser Window Used in Tech Support Scam
What is fake browser windows used in Tech Support Scams? Sometimes malicious Websites uses fake browser windows to simulate a legitimate Website to trick you to believe your computer has been infected with viruses. The picture below shows you a fake browser window: As you can see from the above pict... 2018-01-06, 1621🔥, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.