AdguardTeam / AdguardFilters

AdGuard Content Blocking Filters
https://adguard.com/
GNU General Public License v3.0

downloadrider.net #183194

Closed adguard-bot closed 2 months ago

adguard-bot commented 2 months ago

Issue URL (Annoyance)

https://downloadrider.net/foxit-phantompdf-crack-with-activation-key-latest/

Comment

First download button links to malware. It opens site plastercraftacademy.com through multiple redirects.

Downloading gives malware. Virustotal analysis of file:

https://www.virustotal.com/gui/file/edadb0915fe7c2329a21320637c962015ce14a7561744f5978e4b3c9c218bfe7/detection

Scan results of url where malware is stored:

https://urlscan.io/result/480cc401-57c6-44fa-ad7b-a127e045d9de/

Screenshots

![Screenshot 1](https://cdn.adguard.info/sitereports/1qifw4jbl3a8kgw4css4s0cokk00g0cjdam1rvvdnk.png?nc=1)

System configuration

| Information | Value |
| --- | --- |
| AdGuard product | AdGuard Browser Extension v4.3.53 |
| System version | Windows 11 |
| Browser | Brave |
| Stealth mode | disabled |
| Filters: Ad Blocking | AdGuard Base |
| Filters: Privacy | AdGuard Tracking Protection, AdGuard URL Tracking |
| Filters: Annoyances | AdGuard Cookie Notices, AdGuard Popups, AdGuard Other Annoyances |
| Filters: Security | Online Malicious URL Blocklist, Phishing URL Blocklist, Scam Blocklist by DurableNapkin |
| Filters: Language-specific | AdGuard Russian, AdGuard German, AdGuard Japanese, AdGuard Dutch, AdGuard Spanish/Portuguese, AdGuard Turkish, AdGuard French, AdGuard Ukrainian, AdGuard Chinese |

jellizaveta commented 2 months ago

This website seems to be malware https://www.virustotal.com/gui/url/fef60892bfc8c4beff74ccbe6bd41fdbe54de4e3bf5080e8e7b3773639d07174

jellizaveta commented 2 months ago

Low trust score https://www.scamadviser.com/check-website/downloadrider.net

Will be blocked.

andris86 commented 2 months ago

@jellizaveta You didn't block plastercraftacademy.com, the very website where malware is downloaded from. Did you read the description? There might be other sources that link to plastercraftacademy.com so it's important.

jellizaveta commented 2 months ago

@andris86 I apologise if my reply was not entirely clear. I have also added this link to the list of malware sites. Usually an update is available within 1–2 hours of adding it.

andris86 commented 2 months ago

@jellizaveta Got it.