As a follow-up to my post earlier today about a fake CastleCops page, there’s more to the story.
There are other domains sharing the same IP (126.96.36.199):
All are copying legitimate sites.
Spyware-wiper spoofs pcworld.com
CrazyCounter copies the European Space Agency:
And Cpaypal copies AboutPayPal.org.
These domains belong to the “Vladzone” malware gang. A while back, we believe that they were responsible for DDoS attacks against webhelper4u.net (Patrick Jordan, who works for Sunbelt) and spamhuntress.com — and maybe a few others. I would not visit these sites…