
Cooldcloud.com

Posted: September 20, 2011

Cooldcloud.com is a malicious site that hosts PC threats that are installed on your PC through Windows exploits. SpywareRemove.com malware researchers recommend that you block Cooldcloud.com and avoid any interaction with e-mail messages or other sites associated with it, since contact with Cooldcloud.com may infect your PC or expose it to other attacks. Cooldcloud.com has been found to be promoted by fake Electronic Payments Association e-mail that distributes PC threats as mislabeled file attachments. Because such spam has also been used to install serious PC threats such as banking Trojans, you should scan your PC after any contact with Cooldcloud.com, with spam resembling the description above, or with associated files.

Cooldcloud.com – a Very Uncool Attempt at EPA Fraud for Spyware Ends

Cooldcloud.com has been blacklisted by several PC security companies as a site promoted by spam (unsolicited, mass-mailed e-mail). If your security software does not already block Cooldcloud.com, consider blocking it, together with related sites such as Twistcosm.com that are used in coordination with Cooldcloud.com attacks, in your hosts file, at your DNS resolver or at your firewall. Current Cooldcloud.com attacks use exploits such as CVE-2010-1885, a Windows Help and Support Center (hcp://) vulnerability that affects Windows XP and Windows Server 2003 and was patched by Microsoft in July 2010 (MS10-042); SpywareRemove.com malware researchers warn, however, that other attacks from Cooldcloud.com may target a broader range of systems.
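One way to carry out the hosts-file blocking mentioned above, as an added example that is not part of the original article: it rewrites the hosts-file text in memory, adds a sinkhole entry for each campaign domain and its www. alias, and is idempotent, so it can be re-run without duplicating lines. The sink address, the comment tag and the sample hosts file are assumptions made for the demonstration; writing the result back to the real file (Windows: C:\Windows\System32\drivers\etc\hosts, Unix: /etc/hosts) needs administrator rights and is left to the caller.

```python
"""
Hosts-file sinkholing for the domains the article names (added example, not
from the original page).  Edits the hosts-file text in memory and is
idempotent; writing it back to the real file needs administrator rights.
"""
BLOCKED_DOMAINS = ("cooldcloud.com", "twistcosm.com")
SINKHOLE = "0.0.0.0"          # assumption: non-routable sink address
TAG = "# sinkholed: spam-promoted malware host"


def parse_hosts(text):
    """Map every hostname in a hosts file to the address it resolves to."""
    table = {}
    for line in text.splitlines():
        entry = line.split("#", 1)[0].split()      # drop trailing comments
        if len(entry) < 2:
            continue
        address, *names = entry
        for name in names:
            table[name.lower()] = address
    return table


def add_blocks(text, domains=BLOCKED_DOMAINS, sink=SINKHOLE):
    """Append sink entries for each domain and its www. alias, skipping
    names that already have an entry so existing overrides are preserved."""
    known = parse_hosts(text)
    lines = text.splitlines()
    for domain in domains:
        for name in (domain, "www." + domain):
            if name not in known:
                lines.append(f"{sink}\t{name}\t{TAG}")
                known[name] = sink
    return "\n".join(lines) + "\n"


def is_sinkholed(text, hostname, sink=SINKHOLE):
    """True if hostname resolves to the sink (or loopback) via this hosts file."""
    return parse_hosts(text).get(hostname.lower()) in (sink, "127.0.0.1", "::1")


# Constructed sample hosts file for the demonstration.
SAMPLE_HOSTS = "127.0.0.1\tlocalhost\n::1\tlocalhost\n"

if __name__ == "__main__":
    updated = add_blocks(SAMPLE_HOSTS)
    print(updated)
    print("cooldcloud.com blocked:", is_sinkholed(updated, "cooldcloud.com"))
```

A hosts-file entry only affects name resolution on that one machine; malware that connects to a hard-coded IP address or carries its own resolver bypasses it, so treat this as a stopgap alongside blocking at the perimeter DNS resolver or firewall.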

Since Cooldcloud.com makes no effort to market itself by normal means, your most likely point of contact with it is a fake Electronic Payments Association message sent to arbitrary e-mail addresses. These messages carry a fake .jpg attachment that, together with Cooldcloud.com, Twistcosm.com and the vulnerability noted above, installs malicious software. SpywareRemove.com malware researchers have found that the most common result of these attacks is the installation of Gameover, a banking Trojan that steals passwords and other information associated with online bank accounts.

You can recognize Cooldcloud.com spam by looking for e-mail messages that resemble the following template:

Date: Mon, 12 Feb 2012 08:16:16 -1100
From: 'The Electronic Payments Association'
Subject: ACH transfer rejected
Attachments: nacha_logo.jpg

The ACH transfer (ID: 1366285882700), recently initiated from your bank account (by you or any other person), was rejected by the other financial institution.

Rejected transaction
Transaction ID: 1366285882700
Rejection Reason See details in the report below
Transaction Report report_1366285882700.doc (Microsoft Word Document)
13450 Sunrise Valley Drive, Suite 100
Herndon, VA 20171
2011 NACHA – The Electronic Payments Association

Date: Mon, 12 Feb 2012 19:06:12 +0000
From: 'The Electronic Payments Association'
Subject: ACH transfer rejected
Attachments: nacha_logo.jpg

The ACH transaction (ID: 9485030409966), recently sent from your checking account (by you or any other person), was canceled by the Electronic Payments Association.

Canceled transfer
Transaction ID: 9485030409966
Rejection Reason See details in the report below
Transaction Report report_9485030409966.doc (Microsoft Word Document)
13450 Sunrise Valley Drive, Suite 100
Herndon, VA 20171
2011 NACHA – The Electronic Payments Association
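The template above lends itself to a mail-filter rule, so here is a heuristic detector written for this page as an added example (not code from the original article or from SpywareRemove.com). It parses a raw message with Python's standard email library and flags the traits the article describes: a display name claiming to be the Electronic Payments Association from a non-NACHA sender domain, an "ACH ... rejected/canceled" subject, a body pointing at a report_<id> document, an attachment with an image extension whose content is not an image, and any reference to the campaign domains. The legitimate-sender list (nacha.org), the keyword patterns and both sample messages are constructed assumptions for the demonstration.

```python
"""
Heuristic detector for the fake 'Electronic Payments Association' ACH spam
described above.  Added example, not part of the original article; the
legitimate-sender list, patterns and sample messages are constructed
(assumption: genuine NACHA mail originates from nacha.org).
"""
import email
import re
from email import policy
from email.message import EmailMessage

LEGIT_SENDER_DOMAINS = {"nacha.org"}
BRAND_PHRASES = ("electronic payments association", "nacha")
CAMPAIGN_DOMAINS = ("cooldcloud.com", "twistcosm.com")   # named in the article
SUBJECT_RE = re.compile(r"\bACH\b.*\b(rejected|cancel+ed|returned|failed)\b", re.I)
REPORT_RE = re.compile(r"\breport_\d+\.(doc|docx|exe|zip|scr)\b", re.I)
IMAGE_EXTS = (".jpg", ".jpeg", ".gif", ".png")
IMAGE_MAGIC = (b"\xff\xd8\xff", b"GIF8", b"\x89PNG")      # JPEG, GIF, PNG headers


def sender_domain(msg):
    """Domain part of the From address, lower-cased ('' if absent)."""
    m = re.search(r"@([A-Za-z0-9.-]+)", str(msg.get("From", "")))
    return m.group(1).lower() if m else ""


def score_message(raw):
    """Return (score, reasons) for one raw RFC 5322 message (bytes)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    from_hdr = str(msg.get("From", "")).lower()
    subject = str(msg.get("Subject", ""))
    body_part = msg.get_body(preferencelist=("plain", "html"))
    text = body_part.get_content() if body_part else ""

    if any(p in from_hdr for p in BRAND_PHRASES) and sender_domain(msg) not in LEGIT_SENDER_DOMAINS:
        reasons.append(f"display name claims NACHA but sender domain is {sender_domain(msg)!r}")
    if SUBJECT_RE.search(subject):
        reasons.append("subject is an ACH rejection/cancellation lure")
    if REPORT_RE.search(text):
        reasons.append("body points at a 'report_<id>' document")

    blobs = [text.encode("utf-8", "replace")]
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        payload = part.get_payload(decode=True) or b""
        blobs.append(payload)
        # The article's lure is a mislabeled .jpg: check the bytes, not the name.
        if name.endswith(IMAGE_EXTS) and not payload.startswith(IMAGE_MAGIC):
            reasons.append(f"attachment {name!r} has an image extension but non-image content")
    joined = b"".join(blobs).lower()
    for domain in CAMPAIGN_DOMAINS:
        if domain.encode() in joined:
            reasons.append(f"references campaign domain {domain}")
    return len(reasons), reasons


def build_sample(from_hdr, subject, text, attachment=None):
    """Construct a test message; attachment = (filename, maintype, subtype, bytes)."""
    msg = EmailMessage()
    msg["From"] = from_hdr
    msg["To"] = "victim@example.com"
    msg["Subject"] = subject
    msg.set_content(text)
    if attachment:
        name, maintype, subtype, data = attachment
        msg.add_attachment(data, maintype=maintype, subtype=subtype, filename=name)
    return msg.as_bytes()


# Constructed samples: one modelled on the template above, one benign.
SPAM = build_sample(
    '"The Electronic Payments Association" <ach-notices@example.net>',
    "ACH transfer rejected",
    "The ACH transfer (ID: 1366285882700), recently initiated from your bank account\n"
    "(by you or any other person), was rejected by the other financial institution.\n\n"
    "Transaction Report report_1366285882700.doc (Microsoft Word Document)\n",
    ("nacha_logo.jpg", "image", "jpeg",
     b"<html><!-- constructed test payload --><a href='http://cooldcloud.com/'>x</a></html>"),
)
BENIGN = build_sample(
    '"Accounts Payable" <ap@nacha.org>',
    "Monthly newsletter",
    "Attached is the logo for the newsletter.\n",
    ("nacha_logo.jpg", "image", "jpeg", b"\xff\xd8\xff\xe0" + b"\x00" * 16),
)

if __name__ == "__main__":
    for label, raw in (("spam", SPAM), ("benign", BENIGN)):
        score, reasons = score_message(raw)
        print(label, score, reasons)
```

The content-versus-extension check is the one that matters most here: the sender name and subject are trivially varied by the spammer, but an attachment called nacha_logo.jpg whose first bytes are not a JPEG header is a strong signal regardless of the wording.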

Putting the Chill on Cooldcloud.com's Bank Heists

Since contact with Cooldcloud.com may result in personal information being compromised by clandestine spyware, the SpywareRemove.com malware research team recommends deleting Cooldcloud.com-related PC threats with anti-malware software immediately after exposure to Cooldcloud.com or related websites. You should also change passwords and other security-related information, from a machine you know to be clean, to block account hijacks that use data already sent to remote criminals. Visible symptoms of banking Trojans like Gameover can be rare or nonexistent, and alerts from your security programs may be the only sign that your PC is under attack.

SpywareRemove.com malware experts also stress that although the exploits currently linked to Cooldcloud.com are specific to certain versions of Windows, the PC threats that Cooldcloud.com installs are likely to work on most versions of Windows, though they are unlikely to retain full functionality on other operating systems. Deleting unusual e-mail messages that resemble the template above, keeping Windows and your anti-malware software up to date, and avoiding file attachments from suspicious sources should be all that is required to protect your PC from undesired contact with Cooldcloud.com.
