File-Ave it!

Fileave.com is a one click hosting site which provides free file hosting for its users. When compared to other similar one click hosts, the 50MB of free disk space provided by fileave.com may sound minuscule, but the fact that there’s no “wait” restrictions or CAPTCHAs to solve before downloading a file seems to make it a favourite among malware authors to host their malicious code.

The graph above displays the number of unique URLs hosting malicious files from fileave.com which were collected by our automated systems.

Closer inspection revealed that the sudden spike from ~100 URLs in the month of July to ~550 in the month of August was due to a mass compromise using the “Black-hole” exploit kit with the final payload hosted on fileave.com. The malware author responsible for this mass compromise had registered a total of ~400 unique URLs in just 1 month in the following format:

  • “http://clickme[2 Random characters].fileave.com”

Discounting these URLs, the graph still shows a worrying trend:

The number of malware authors using fileave.com to host their malicious payload is on the rise. The fact that fileave.com has none of these measures in place is bound to be exploited even more by malware authors in the days to come.

Lokesh Kumar
K7 TCL

K7 Computing UK | K7 Computing Ireland

About k7press

Antivirus Vendor - distributor for United Kingdom and Republic of Ireland

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s