在第一季度和第二季2017年,我们注意到来自受影响网站的驾车下载急剧下降。过去的运动要么已经过去了(伪Darkleech)或改变了焦点(EITest使用社会工程技术).
恶意 - 它保持稳定,目前是一些最常见的恶意软件和诈骗分发操作的主要驱动力 - 不仅源于各种出版商,而且来自“被遗弃”的网站。这些相关领域曾经担任了合法的目的,但从永不被他们的业主续签,并落入演员手中,希望使用可疑的做法进行快速利润。
在这篇文章中,我们看一下过期域的恶意重定向是如何工作的,以及他们导致的是什么样的流量。
一个域名的生、死和复活
当涉及到网络安全时,大多数问题通常不是来自平台本身,而是来自运营平台的人,或者来自被放弃的财产。Sucuri的人写了很多关于这个的文章最近的帖子,他们展示了流行CMS中的过期域和过时的插件是一种致命的混合,导致恶意重定向。
这是一个网站的例子,oezelotel [。] com第一次注册denizduezguen@yahoo.de.2014年3月10日,该公司曾为多家酒店做广告,2016年被抹去,最终因域名注册没有续签而被停了下来。
图1:随着时间的推移,网站的演变及其最终过期域名
新主人,动机明确
一个历史谁是在停放的域名礼貌Hyas”Comox显示,2017年6月4日,域名将手从其原始所有者换成domainmanagers@outlook.com..这也是当网站更改托管时(从德国基于德国的服务器移动到美国)并开始表现出其恶意行为。
对同一注册人拥有的其他一些属性的练习述评表示经过过期的域名并通过可疑的广告网络将其货币化的Penchant。Domaintools已经结束了23 K记录属于同一个电子邮件地址。
恶意轮盘赌
你可能认为一个不存在的网站是无害的,但这不能进一步来自真相。放弃或遗忘的域通常注册并“停放”以产生低质量的流量(即垃圾链接)另一篇博客文章这是一种真正有利可图的商业模式。
我们观察到不同类型的流量,从虚假调查到更邪恶的活动,如飞车攻击和技术支持诈骗,都是基于访问者的用户代理。请注意,以下示例不要求用户单击任何链接,访问站点的简单事实触发了自动重定向。
钻机EK流量:
图2:RIG利用套件感染链通过Fobos活动交付Bunitu木马.
oezelotel [。] com(停放的网站) - > xml1.limeclick [。] com< html > <头> <标题>加载< /名称> < /头> <身体> location.href = ' http://xml1.limeclick[。com /点击?我= SXRzS * SmiP4_0”;身体< / > < / html >xml1.limeclick(。com - > bingfreegames3。信息212 kjhguihkhbvd[。cf -> 188.225.27.234 (RIG EK landing)
技术支持诈骗(TSS)流程:
图3:通过blobar [.org]重定向到技术支持骗局[.org]
oezelotel [。] com(parked site) -> bougainvillaeabuffeting[.]comloading </ title> </ head> <body> location.href ='http:// bougainvillaeabuffeting [。] com / d / r5t9b73131?rtb = {redacted}&subid = oezel.com'; </ body> </ html><strong>Bougainvillaeabuffeting [。] com - > blobar [。] org</strong>document.write('<meta http-equiv =“刷新”content =“0; url ='+ u +'”>');</ SCRIPT> <NOSCRIPT> <META HTTP-当量= “刷新” 内容=“0; URL = https://blobar.org/d/0&rtb={redacted}&subid=oezelotel.com&r= HTTP%3A%2F%2foezelotel.com%2f“> </ noscript> <meta name =”推荐人“content =”no-refererer“><strong>blobar(。org -> www.alrtsyscalling[.]cf (TSS登陆)</strong>位置:https://www.alrtsyscalling [。] cf / call-microsoft-support-at-1-855-633-1666</pre> <p><a href="//m.fwgtm.com/wp-content/uploads/2017/08/TSS2.png" data-rel="lightbox-image-5" data-rl_title="" data-rl_caption="" title=""><img data-attachment-id="19515" data-permalink="//m.fwgtm.com/threat-analysis/2017/09/expired-domain-names-and-malvertising/attachment/tss2-2/" data-orig-file="//m.fwgtm.com/wp-content/uploads/2017/08/TSS2.png" data-orig-size="1196,800" data-comments-opened="1" data-image-meta="{"aperture":"0","credit":"","camera":"","caption":"","created_timestamp":"0","copyright":"","focal_length":"0","iso":"0","shutter_speed":"0","title":"","orientation":"0"}" data-image-title="TSS2" data-image-description="" data-medium-file="//m.fwgtm.com/wp-content/uploads/2017/08/TSS2-300x201.png" data-large-file="//m.fwgtm.com/wp-content/uploads/2017/08/TSS2-600x401.png" loading="lazy" class="size-full wp-image-19515 aligncenter" src="//m.fwgtm.com/wp-content/uploads/2017/08/TSS2.png" alt="" width="1196" height="800" srcset="//m.fwgtm.com/wp-content/uploads/2017/08/TSS2.png 1196w, //m.fwgtm.com/wp-content/uploads/2017/08/TSS2-300x201.png 300w, //m.fwgtm.com/wp-content/uploads/2017/08/TSS2-600x401.png 600w" sizes="(max-width: 1196px) 100vw, 1196px"></a></p> <p style="text-align: center"><em>图4:浏览器锁服务于一个技术支持诈骗页面(IP地址硬编码在图片中)</em></p> <h3>流量和用户目标</h3> <p>如今,恶意用户如何获得线索似乎无关紧要,只要他们是真正的用户,他们就可以暴露在恶意软件或骗局中。使用广告网络和恶意广告的一个优势是,与服务器端对受影响网站的检查相比,大量过滤可以通过整个分发链处理,效率显著。</p> <p>停放的域名是劫持交通和货币化的许多情景之一。虽然这些做法提高了眉毛,但它们实际上是违法的吗?是域名注册商应该强制或禁止的东西吗?那些有趣的问题值得辩论。</p> <p><a href="https://www.malwarebytes.com/" target="_blank" rel="noopener noreferrer">必威平台APP</a>阻止许多与恶意广告和驱动下载尝试相关的域。因为我们正在目睹越来越多的社会工程攻击,我们强烈建议你传播关于当今最常见的诈骗之一的消息<a href="//m.fwgtm.com/tech-support-scams/" target="_blank" rel="noopener noreferrer">betway 体育是哪国的</a>.</p> </div> <div class="share-section"> <p><b>分享此文章</b></p> <a class="socicon-facebook" target="_blank" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fm.fwgtm.com%2F%3Fp%3D19481&t=Expired+domain+names+and+malvertising" id="social-share-facebook" aria-label="Share this post on Facebook"></a> <a class="socicon-twitter" target="_blank" href="https://twitter.com/intent/tweet?text=Expired+domain+names+and+malvertising+https%3A%2F%2Fm.fwgtm.com%2F%3Fp%3D19481&via=Malwarebytes" id="social-share-twitter" aria-label="Share this post on Twitter"></a> <a class="socicon-linkedin" target="_blank" href="https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fm.fwgtm.com%2F%3Fp%3D19481&title=Expired+domain+names+and+malvertising&summary=&source=" id="social-share-linkedin" aria-label="Share this post on LinkedIn"></a> </div> <hr> <div class="comments-section"> <p><b>注释</b></p> <div id="disqus_thread"></div> </div> </div> <hr> <div class="related-articles"> <p><b>相关文章</b></p> <div class="post"> <div class="large-card"> <div class="thumb"> <a href="//m.fwgtm.com/business-2/2020/09/is-domain-name-abuse-something-companies-should-worry-about/"><img src="//m.fwgtm.com/wp-content/uploads/2017/08/Untitled-design-604x270.png" alt="域名滥用公司应该担心的东西吗?"></a> </div> <div class="content"> <p class="breadcrumbs hidden-xs"><a href="//m.fwgtm.com/category/business-2/" rel="category tag">业务</a></p> <h2><a href="//m.fwgtm.com/business-2/2020/09/is-domain-name-abuse-something-companies-should-worry-about/">域名滥用公司应该担心的东西吗?</a></h2> </div> </div> <p class="desc">2020年9月18日 - 你应该担心域名滥用吗?在大多数情况下,它取决于您是什么样的公司以及您期望遇到的内容。</p> <div class="post-action"> <a href="//m.fwgtm.com/business-2/2020/09/is-domain-name-abuse-something-companies-should-worry-about/" class="continue-read">继续阅读</a> <a class="num-comments" href="//m.fwgtm.com/business-2/2020/09/is-domain-name-abuse-something-companies-should-worry-about/"><span class="dsq-postid" data-dsqidentifier="44631 //m.fwgtm.com/?p=44631">暂无评论</span></a> </div> </div> <div class="post"> <div class="large-card"> <div class="thumb"> <a href="//m.fwgtm.com/awareness/2019/10/as-internet-turns-50-more-risks-and-possibilities-emerge/"><img src="//m.fwgtm.com/wp-content/uploads/2019/10/shutterstock_447671734-604x270.jpg" alt="随着互联网转弯50,更多的风险和可能性出现了"></a> </div> <div class="content"> <p class="breadcrumbs hidden-xs"><a href="//m.fwgtm.com/category/awareness/" rel="category tag">betway必威 随行版官网址</a></p> <h2><a href="//m.fwgtm.com/awareness/2019/10/as-internet-turns-50-more-risks-and-possibilities-emerge/">随着互联网转弯50,更多的风险和可能性出现了</a></h2> </div> </div> <p class="desc">2019年10月29日 - 我们所知道的世界于1969年10月29日改变,互联网出生的那一天。50年后,它既普遍存在,充满了潜在的和风险。</p> <div class="post-action"> <a href="//m.fwgtm.com/awareness/2019/10/as-internet-turns-50-more-risks-and-possibilities-emerge/" class="continue-read">继续阅读</a> <a class="num-comments" href="//m.fwgtm.com/awareness/2019/10/as-internet-turns-50-more-risks-and-possibilities-emerge/"><span class="dsq-postid" data-dsqidentifier="40898 //m.fwgtm.com/?p=40898">暂无评论</span></a> </div> </div> <div class="post"> <div class="large-card"> <div class="thumb"> <a href="//m.fwgtm.com/security-world/2016/12/explained-domain-generating-algorithm/"><img src="//m.fwgtm.com/wp-content/uploads/2014/09/photodune-7763017-internet-top-level-domain-name-spelled-on-metallic-keyboard-m-604x270.jpg" alt="解释:域生成算法"></a> </div> <div class="content"> <p class="breadcrumbs hidden-xs"><a href="//m.fwgtm.com/category/security-world/" rel="category tag">安全的世界</a>|<a href="//m.fwgtm.com/category/security-world/technology/" rel="category tag">技术</a></p> <h2><a href="//m.fwgtm.com/security-world/2016/12/explained-domain-generating-algorithm/">解释:域生成算法</a></h2> </div> </div> <p class="desc">2016年12月6日—域名生成算法被网络犯罪分子用来防止他们的服务器被列入黑名单或被撤下。该算法会产生看起来随机的域名。其思想是,使用相同算法的两台机器将在给定的时间接触相同的域。</p> <div class="post-action"> <a href="//m.fwgtm.com/security-world/2016/12/explained-domain-generating-algorithm/" class="continue-read">继续阅读</a> <a class="num-comments" href="//m.fwgtm.com/security-world/2016/12/explained-domain-generating-algorithm/"><span class="dsq-postid" data-dsqidentifier="15523 //m.fwgtm.com/?p=15523">暂无评论</span></a> </div> </div> </div> </div> <div class="col-md-4" id="right-rail"> <hr class="visible-xs visible-sm"> <!-- AUTHOR MODULE --> <div class="right-rail-section author-info"> <p><b>关于作者</b></p> <div class="small-card"> <img alt="" src="https://secure.gravatar.com/avatar/8ff7688dd7aaf66effb89c65203ee7c3?s=96&d=identicon&r=g" srcset="https://secure.gravatar.com/avatar/8ff7688dd7aaf66effb89c65203ee7c3?s=192&d=identicon&r=g 2x" class="avatar avatar-96 photo" height="96" width="96" loading="lazy"> <div class="content"> <p class="details"><span class="name"><a href="//m.fwgtm.com/author/jeromesegura/" title="JérômeSegura." rel="author">JérômeSegura.</a></span><span class="author-twitter"><a href="https://www.twitter.com/jeromesegura" class="socicon-twitter" aria-label="See @jeromesegura's tweets on Twitter"></a></span><br><span class="title">威胁情报总监</span></p> <p class="desc">对网络威胁特别感兴趣。</p> </div> </div> </div> <!-- SUB CATEGORIES --> <!-- TOP THREATS --> </div> </div> </div> </section> </article> </div> <!-- for Labs Nav --> <section id="labs-links"> <div class="container"> <div class="row"> <div class="col-md-12"> <div class="lablink"> <p><a href="//m.fwgtm.com/authors/" id="cta-labs-footernavigation-linkto-contributors-en">betway vip</a></p> </div> <div class="lablink"> <p><a href="//m.fwgtm.com/threats/" id="cta-labs-footernavigation-linkto-threatcenter-en">appbetway必威亚洲官网</a></p> </div> <div class="lablink"> <p><a href="//m.fwgtm.com/glossary/" id="cta-labs-footernavigation-linkto-glossary-en"><img src="//m.fwgtm.com/wp-content/themes/mb-labs-theme-3.5.13/images/footer/glossary.svg" alt="本书的书签"><br>术语表</a></p> </div> <div class="lablink"> <p><a href="//m.fwgtm.com/tech-support-scams/" id="cta-labs-footernavigation-linkto-scams-en">betway 体育是哪国的</a></p> </div> <div class="lablink"> <p><a href="//m.fwgtm.com/write/" id="cta-labs-footernavigation-linkto-writeforlabs-en"><img src="//m.fwgtm.com/wp-content/themes/mb-labs-theme-3.5.13/images/footer/write.svg" alt="铅笔"><br>为实验室写</a></p> </div> </div> </div> </div> </section> <footer class="refresh-footer"> <div class="container"> <div class="row links-row"> <!-- newsletter --> <div class="col-md-3 col-xs-12 col-md-push-9 newsletter-col"> <div class="row soc-icon-row newsletter-icons hidden-xs hidden-sm"> <div class="footer-soc-icon"> <a id="cta-footer-social-twitter-en" class="social socicon-twitter" href="https://twitter.com/malwarebytes" aria-label="Visit Malwarebytes on Twitter"></a> </div> <div class="footer-soc-icon"> <a id="cta-footer-social-facebook-en" class="social socicon-facebook" href="https://www.facebook.com/Malwarebytes/" aria-label="Visit Malwarebytes on Facebook"></a> </div> <div class="footer-soc-icon"> <a id="cta-footer-social-linkedin-en" class="social socicon-linkedin" href="https://www.linkedin.com/company/malwarebytes" aria-label="Visit Malwarebytes on LinkedIn"></a> </div> <div class="footer-soc-icon"> <a id="cta-footer-social-youtube-en" class="social socicon-youtube" href="https://www.youtube.com/user/Malwarebytes" aria-label="Visit Malwarebytes on YouTube"></a> </div> <div class="footer-soc-icon"> <a id="cta-footer-social-instagram-en" class="social socicon-instagram-v2" href="https://www.instagram.com/malwarebytesofficial/" aria-label="Visit Malwarebytes on Instagram"></a> </div> </div> <div class="row newsletter-refresh"> <div class="col-xs-12"> <h4>网络安全信息是你不可或缺的</h4> <p>想了解网络安全方面的最新消息吗?注册我们的通讯并学习如何保护您的计算机免受威胁。</p> </div> <div class="col-xs-12"> <form class="newsletter-form form-inline" action="//www.malwarebytes.com/newsletter/" _lpchecked="1"> <div class="email-input"> <label for="cta-footer-newsletter-input-email-en" aria-label="cta-footer-newsletter-input-email-en" aria-labelledby="cta-footer-newsletter-input-email-en"><input type="text" class="email-input-field" id="cta-footer-newsletter-input-email-en" name="email" placeholder="Email address"></label> <input name="source" type="hidden" value=""> <input type="submit" class="submit-bttn" id="cta-footer-newsletter-subscribe-email-en" value=""> </div> </form> </div> </div> </div> <!--logo col--> <div class="col-md-2 col-xs-12 col-md-pull-3 footer-col"> <div class="footer-logo hidden-xs hidden-sm"> <svg width="160px" height="25px" viewbox="0 0 160 25" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> <g id="Symbols" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> <g id="Footer-desktop" transform="translate(-165.000000, -68.000000)" fill="#FFFFFF"> <g id="Footer"> <g id="Group-3"> <g transform="translate(165.000000, 68.000000)"> <g id="logo"> <path d="M104.620758,6.81492418 L104.53414,6.84800885 L104.53414,0.579460088 C104.53414,0.43037976 104.412794,0.314384104 104.256721,0.347468775 L102.436133,0.61294337 C102.314787,0.61294337 102.245333,0.728939026 102.245333,0.844934683 L102.245333,19.1016943 C102.245333,19.21769 102.33235,19.3340842 102.436133,19.3340842 C104.01363,19.6820712 105.99069,19.8315502 107.221712,19.8315502 C112.440783,19.8315502 113.151295,17.4434746 113.151295,14.840548 L113.151295,10.0313123 C113.151295,7.27890681 111.7642,5.86981868 109.076628,5.86981868 C107.135093,5.86981868 105.52247,6.36728459 104.620758,6.81492418 M110.827761,9.96514299 L110.827761,14.923459 C110.827761,16.7805854 110.238195,17.9078559 107.394949,17.9078559 C106.441346,17.9078559 105.504907,17.8249449 104.586031,17.7256909 L104.551304,17.7256909 L104.551304,8.85421552 L104.586031,8.85421552 C105.418288,8.47274526 107.152257,7.82580042 108.504625,7.82580042 C110.100084,7.80945739 110.827761,8.48908829 110.827761,9.96514299" id="Fill-1"></path> <path d="M116.202745,6.1348548 L114.469175,6.1348548 C114.313102,6.1348548 114.191357,6.28433374 114.226483,6.43341407 L118.612898,19.3675277 C118.647625,19.4835233 118.734244,19.516608 118.85559,19.516608 L119.375701,19.516608 C119.531774,19.516608 119.653519,19.6656883 119.618792,19.8151673 L117.884823,24.657089 C117.850095,24.8061694 117.971441,24.9556483 118.127115,24.9556483 L119.739738,24.9556483 C119.861084,24.9556483 119.930539,24.8727373 119.982829,24.8061694 L121.924763,19.5496927 L126.467251,6.43341407 C126.501978,6.28433374 126.380632,6.1348548 126.224559,6.1348548 L124.49059,6.1348548 C124.369244,6.1348548 124.300189,6.21776579 124.247898,6.28433374 L120.571996,17.2118421 C120.485377,17.4438334 120.173231,17.4438334 120.103776,17.2118421 L116.497727,6.28433374 C116.393945,6.21776579 116.306927,6.1348548 116.202745,6.1348548" id="Fill-3"></path> <path d="M137.858597,10.8605816 L137.858597,14.9068768 C137.858597,18.2731425 139.592566,19.8153666 143.389415,19.8153666 C145.002038,19.8153666 146.787898,19.549892 148.088375,19.135337 C148.21012,19.1022524 148.278776,18.9862567 148.245246,18.8702611 L148.001756,17.57677 C147.967029,17.4276897 147.846082,17.3447787 147.68961,17.3942064 C146.146441,17.7756766 144.759346,17.9582402 143.545887,17.9582402 C140.615224,17.9582402 140.112676,16.9796514 140.112676,14.8901352 L140.112676,13.9450297 C140.112676,13.7955508 140.234022,13.7126398 140.355368,13.7126398 L148.261612,13.7126398 C148.417685,13.7126398 148.504703,13.5966441 148.504703,13.4806485 L148.504703,10.9765773 C148.504703,7.57762552 146.805461,5.9524905 143.251304,5.9524905 C139.713512,5.86957951 137.858597,7.54454085 137.858597,10.8605816 L137.858597,10.8605816 Z M140.147005,10.7115013 C140.147005,8.63912529 141.135734,7.72710446 143.303195,7.72710446 C145.43553,7.72710446 146.302515,8.58929898 146.302515,10.7115013 L146.302515,11.6566068 C146.302515,11.8056871 146.181568,11.8885981 146.059823,11.8885981 L140.372931,11.8885981 C140.216858,11.8885981 140.12984,11.7726025 140.12984,11.6566068 L140.12984,10.7115013 L140.147005,10.7115013 Z" id="Fill-5"></path> <path d="M155.370725,11.888638 C152.995299,11.3254013 152.925845,11.0599267 152.925845,9.50135967 C152.925845,8.20786859 153.289883,7.76022899 155.370725,7.76022899 C156.359056,7.76022899 157.780479,7.87622465 158.977173,8.10821596 C159.133246,8.14169924 159.254193,8.02530497 159.254193,7.87622465 L159.375938,6.54925028 C159.375938,6.43325463 159.28892,6.31725897 159.185537,6.2841743 C158.075461,6.0186997 156.740656,5.86922077 155.474907,5.86922077 C151.954679,5.86922077 150.654601,6.84780955 150.654601,9.46827499 C150.654601,12.2202819 150.966747,12.9166545 154.45145,13.7457643 C157.260368,14.3927091 157.451169,14.5417895 157.451169,16.0840135 C157.451169,17.5269835 157.087131,17.9746231 154.763597,17.9746231 C153.65392,17.9746231 152.232497,17.7924581 151.053366,17.5269835 C150.897293,17.4938989 150.775548,17.5600682 150.74122,17.7095471 L150.498528,18.9532119 C150.463801,19.0692076 150.533255,19.1852032 150.654601,19.2182879 C151.799005,19.5997581 153.532974,19.8652327 154.885342,19.8652327 C158.95961,19.8652327 159.705248,18.5717417 159.705248,16.0011025 C159.722812,13.1323027 159.167974,12.8006588 155.370725,11.888638" id="Fill-7"></path> <path d="M48.2703991,19.417075 L45.7389002,6.3669657 C45.704173,6.21788537 45.8255189,6.06840643 45.9819912,6.06840643 L48.7909092,6.06840643 C48.9118559,6.06840643 49.033601,6.15131742 49.033601,6.25097004 L50.541643,14.1103733 C50.5763703,14.3762465 50.940408,14.3762465 51.0098626,14.1438566 L53.4547428,6.2342284 C53.489071,6.11823275 53.5760887,6.0520634 53.6974346,6.0520634 L57.0268626,6.0520634 C57.1478094,6.0520634 57.2168648,6.13497439 57.2691553,6.2342284 L59.7140355,14.1438566 C59.8006542,14.3762465 60.1475278,14.3762465 60.1822551,14.1103733 L61.6902971,6.25097004 C61.7250244,6.13497439 61.8120422,6.06840643 61.9333881,6.06840643 L64.7423061,6.06840643 C64.8979801,6.06840643 65.019326,6.21788537 64.9845987,6.3669657 L62.4359357,19.417075 C62.4012085,19.5330706 62.314989,19.5996386 62.1932439,19.5996386 L58.5177407,19.5996386 C58.3959956,19.5996386 58.326541,19.5167276 58.2746497,19.417075 L55.5874768,10.6452522 C55.500459,10.4132609 55.1883127,10.4132609 55.1192573,10.6452522 L52.4320843,19.417075 C52.3973571,19.5330706 52.3103393,19.5996386 52.1889934,19.5996386 L48.5130909,19.5996386 C48.391745,19.5996386 48.3051264,19.5330706 48.2703991,19.417075" id="Fill-9"></path> <path d="M44.1961309,17.1122293 C42.9303814,17.1122293 42.5312173,16.5816787 42.5312173,15.0725394 L42.5312173,5.27270015 L42.5312173,1.40856993 C42.5312173,1.25948961 42.4098714,1.14309534 42.2541974,1.17657862 L39.2025876,1.59113354 C39.0812417,1.59113354 39.0117872,1.70752781 39.0117872,1.82352347 L39.0117872,1.93951912 L39.0117872,5.27270015 L39.0117872,15.437268 C39.0117872,18.505373 40.9537207,19.8650334 43.554275,19.8650334 C43.8320932,19.8650334 44.733805,19.8315502 45.2535167,19.7817238 C45.3748626,19.7817238 45.4962085,19.6657282 45.4962085,19.5497325 L45.4962085,17.3940469 C45.4962085,17.2449666 45.3748626,17.1620556 45.2191885,17.1620556 C44.8723149,17.1122293 44.4040954,17.1122293 44.1961309,17.1122293" id="Fill-11"></path> <path d="M87.0914657,9.02011721 C85.8257163,9.55066779 84.8030578,10.114303 83.658255,10.8274172 C83.5720356,10.8605019 83.5373083,10.9434129 83.5373083,11.0099808 L83.5373083,19.3672486 C83.5373083,19.5167276 83.4155633,19.5996386 83.2942174,19.5996386 L80.2426076,19.5996386 C80.0865344,19.5996386 79.9999158,19.4832443 79.9999158,19.3672486 L79.9999158,6.78152062 C79.9999158,6.66552497 80.0865344,6.54952931 80.1907163,6.54952931 L82.7222152,6.13457578 C82.8782883,6.10149111 82.9996342,6.21748676 82.9996342,6.31713939 L83.1209801,7.1793339 C83.1557074,7.36189752 83.3636719,7.4448085 83.5197451,7.32881284 C84.317275,6.83134694 85.5834236,6.20114373 86.6060821,5.85275815 C86.7621553,5.81967348 86.9178293,5.88624143 86.9178293,6.03532176 L87.1956475,8.68847327 C87.2475389,8.85429524 87.1784835,8.93720622 87.0914657,9.02011721" id="Fill-13"></path> <path d="M134.217781,17.9744637 C132.795559,17.9744637 132.709339,17.3777438 132.709339,16.4322396 L132.709339,8.22405217 C132.709339,8.07497184 132.830286,7.99206086 132.951632,7.99206086 L136.28106,7.99206086 C136.402406,7.99206086 136.523353,7.90914987 136.523353,7.76006955 L136.679825,6.43349379 C136.679825,6.28401485 136.55808,6.1680192 136.437133,6.1680192 L132.951632,6.1680192 C132.795559,6.1680192 132.709339,6.05202354 132.709339,5.93562927 L132.709339,2.81889375 C132.709339,2.66941482 132.587594,2.55302055 132.431521,2.58650383 L130.611333,2.85197843 C130.489987,2.85197843 130.420532,2.96757547 130.420532,3.08357113 L130.420532,5.95237092 C130.420532,6.10184985 130.299186,6.18476084 130.17784,6.18476084 L128.20118,6.18476084 C128.045107,6.18476084 127.958089,6.3007565 127.958089,6.41675215 L127.958089,7.74332791 C127.958089,7.89240823 128.079834,7.97531922 128.20118,7.97531922 L130.17784,7.97531922 C130.333914,7.97531922 130.420532,8.09171348 130.420532,8.20770914 L130.420532,16.7638836 C130.420532,18.9195692 131.408863,19.7817637 133.853344,19.7817637 C134.408581,19.7817637 134.96302,19.748679 135.518257,19.6326834 C135.639603,19.5995987 135.708659,19.5166877 135.708659,19.4006921 L135.708659,18.0741163 C135.708659,17.9246374 135.552985,17.8086417 135.43124,17.8417264 C134.980184,17.941379 134.581818,17.9744637 134.217781,17.9744637" id="Fill-15"></path> <path d="M97.3387274,6.21776579 C96.5930888,5.91920652 95.6394857,5.72029988 94.4084635,5.72029988 C93.0213682,5.72029988 91.9631841,5.95229119 91.131326,6.31741841 C89.1893925,7.22943924 88.565499,9.00365459 88.565499,10.9600349 L88.565499,14.5586906 C88.565499,17.7423926 90.0216497,19.698773 94.2523903,19.781684 L95.2403216,19.781684 C96.3847251,19.781684 97.58102,19.6656883 98.6739314,19.5162094 C98.7948781,19.4831247 98.916224,19.3675277 98.8639335,19.251532 L98.8639335,19.1351377 L98.5869136,17.2780114 C97.5119646,17.3940071 96.5755256,17.4274903 95.5009757,17.4274903 C92.9000223,17.4274903 92.1024923,16.7143762 92.1024923,15.1888938 L92.1024923,14.7408556 L92.1024923,14.111051 L99.7313172,14.111051 C99.8873903,14.111051 99.974009,13.9946567 99.974009,13.878661 L99.974009,12.8506446 L99.974009,11.1920263 C99.9396808,9.02039623 99.4016076,7.07996031 97.3387274,6.21776579 L97.3387274,6.21776579 Z M96.8182174,11.5906368 C96.8182174,11.7397171 96.6972706,11.8226281 96.5755256,11.8226281 L92.0677651,11.8226281 L92.0677651,10.644734 C92.0677651,9.35164156 92.6569313,8.48944704 94.4084635,8.48944704 C94.599264,8.48944704 94.8068293,8.48944704 94.9980289,8.52293033 C96.2985057,8.70509533 96.8182174,9.5505482 96.8182174,10.644734 L96.8182174,11.5906368 Z" id="Fill-17"></path> <path d="M10.6807539,21.9044842 L10.7673725,21.9044842 C10.9230465,21.9044842 11.0443924,21.7825165 11.0443924,21.6257607 C11.0443924,21.5033739 10.9577738,21.3466181 10.8020998,21.3466181 L10.715082,21.3466181 L10.5242816,21.31183 C7.31659864,20.6839687 4.94157208,17.8070392 4.94157208,14.4414006 C4.94157208,13.0121568 5.37506432,11.6520699 6.12030375,10.5539413 C6.24204881,10.3967664 6.4324501,10.2747986 6.64081377,10.4667616 L11.7038116,15.6271281 C11.7377405,15.6619161 11.8247583,15.7143078 11.8942129,15.7143078 C11.9808315,15.7143078 12.050286,15.6795197 12.0850133,15.6271281 L17.1823392,10.5015496 C17.3731397,10.3095867 17.5467761,10.3447939 17.6509579,10.5363377 C18.3961974,11.6520699 18.8296896,12.9949723 18.8296896,14.4242161 C18.8296896,16.2197822 18.1535056,17.8418273 17.0434301,19.0799464 C17.009102,19.1147344 16.9572107,19.1671261 16.9224834,19.2019141 C16.9224834,19.2367022 16.8877561,19.2890938 16.8877561,19.3238818 C16.8877561,19.4810567 17.009102,19.6030245 17.1651752,19.6030245 L17.1999025,19.6030245 C17.2346297,19.6030245 17.2865211,19.5682364 17.3212484,19.5682364 C24.0830887,16.7084914 23.7713415,9.94368351 23.7713415,9.94368351 C23.7713415,6.09017397 21.9503548,2.62059033 19.1418359,0.441098316 C19.0204901,0.353918635 18.8296896,0.353918635 18.7426718,0.475886362 L12.1025765,7.24111341 C11.9808315,7.36308113 11.790031,7.36308113 11.6690843,7.24111341 L4.97590019,0.475886362 C4.8545543,0.353918635 4.69888029,0.353918635 4.57753439,0.441098316 C1.82050776,2.62059033 -7.98328266e-05,6.03778233 -7.98328266e-05,9.94368351 C-7.98328266e-05,16.1502062 4.66415301,21.2766229 10.6807539,21.9044842" id="Fill-19"></path> <path d="M29.9264125,5.80321087 C28.6953903,5.80321087 27.3949136,5.88612185 26.1638914,6.06828685 C26.0425455,6.10177013 25.9211996,6.21776579 25.9730909,6.33376145 L26.25051,8.37345139 C26.2852373,8.48944704 26.3722551,8.6054427 26.5275299,8.6054427 C27.6723326,8.48944704 28.4179712,8.45636237 29.5795388,8.45636237 C32.1800931,8.45636237 32.9780222,9.16907795 32.9780222,10.694959 L32.9780222,11.6073784 C32.9780222,11.7564587 32.8566763,11.8393697 32.7349313,11.8393697 L29.4577938,11.8393697 C26.5798204,11.8393697 24.8634147,13.2317162 24.8634147,15.768872 C24.8634147,18.1071213 26.7534568,19.781684 29.6146653,19.781684 C31.4001264,19.781684 32.1114369,19.516608 32.7006031,18.9860574 C32.8566763,18.8365785 33.1340954,18.9525741 33.1340954,19.1351377 L33.1340954,19.3177014 C33.1340954,19.4667817 33.2554413,19.5496927 33.3767872,19.5496927 L36.2547605,19.5496927 C36.4108337,19.5496927 36.4978515,19.433697 36.4978515,19.3177014 L36.4978515,10.794213 C36.5321796,7.42834589 34.0876985,5.80321087 29.9264125,5.80321087 L29.9264125,5.80321087 Z M33.0123503,14.5750336 C33.0123503,16.2830796 31.8332195,17.4107487 29.9264125,17.4107487 C28.4702617,17.4107487 27.7070599,16.8801981 27.7070599,15.7856137 C27.7070599,14.5750336 28.5045898,14.0775677 29.9264125,14.0775677 L32.7349313,14.0775677 C32.8914036,14.0775677 32.9780222,14.1935633 32.9780222,14.3099576 L32.9780222,14.5750336 L33.0123503,14.5750336 Z" id="Fill-21"></path> <path d="M70.879694,5.80321087 C69.649071,5.80321087 68.3485943,5.88612185 67.1175721,6.06828685 C66.9962262,6.10177013 66.8748803,6.21776579 66.9267717,6.33376145 L67.2041908,8.37345139 C67.238918,8.48944704 67.3255366,8.6054427 67.4812107,8.6054427 C68.6260134,8.48944704 69.371652,8.45636237 70.5332196,8.45636237 C73.1337739,8.45636237 73.931703,9.16907795 73.931703,10.694959 L73.931703,11.6073784 C73.931703,11.7564587 73.8099579,11.8393697 73.688612,11.8393697 L70.4118737,11.8393697 C67.5335012,11.8393697 65.8170954,13.2317162 65.8170954,15.768872 C65.8170954,18.1071213 67.7071376,19.781684 70.5679469,19.781684 C72.353408,19.781684 73.0647185,19.516608 73.6538847,18.9860574 C73.8099579,18.8365785 74.0877761,18.9525741 74.0877761,19.1351377 L74.0877761,19.3177014 C74.0877761,19.4667817 74.209122,19.5496927 74.3304679,19.5496927 L77.2084413,19.5496927 C77.3645145,19.5496927 77.4515323,19.433697 77.4515323,19.3177014 L77.4515323,10.794213 C77.5377517,7.42834589 75.0413792,5.80321087 70.879694,5.80321087 L70.879694,5.80321087 Z M73.9660311,14.5750336 C73.9660311,16.2830796 72.7869003,17.4107487 70.879694,17.4107487 C69.4235433,17.4107487 68.6603415,16.8801981 68.6603415,15.7856137 C68.6603415,14.5750336 69.4578714,14.0775677 70.879694,14.0775677 L73.688612,14.0775677 C73.8450844,14.0775677 73.931703,14.1935633 73.931703,14.3099576 L73.931703,14.5750336 L73.9660311,14.5750336 Z" id="Fill-23"></path> </g> </g> </g> </g> </g> </g> </svg> </div> <p class="col-header imagine-title">想象一个没有恶意软件的世界。我们所做的。</p> <p><a href="https://www.malwarebytes.com/for-home/" id="cta-footernavigation-company-linkto-for_home-en" class="for-home-link-en">对于个人</a></p> <p><a href="https://www.malwarebytes.com/business/" id="cta-footernavigation-company-linkto-for_business-en">必威官网多少</a></p> </div> <!-- company --> <div class="col-md-2 col-xs-12 col-md-pull-3 footer-col company-col"> <p class="col-header">公司</p> <p><a href="https://www.malwarebytes.com/company/" id="cta-footernavigation-company-linkto-about_us-en">关于我们</a></p> <p><a href="https://jobs.malwarebytes.com/" id="cta-footernavigation-learn-linkto-careers-en">职业生涯</a></p> <p><a href="https://press.malwarebytes.com/" id="cta-footernavigation-learn-linkto-news_and_press-en">新闻和媒体</a></p> </div> <!-- my account --> <div class="col-md-2 col-xs-12 col-md-pull-3 footer-col"> <p class="col-header">我的账户</p> <p><a href="https://my.malwarebytes.com/en/login" id="cta-footernavigation-myaccount-linkto-sign_in-en">登入</a></p> </div> <!-- contact us --> <div class="col-md-3 col-xs-12 col-md-pull-3 footer-col"> <p class="col-header">联系我们</p> <p><a href="https://support.malwarebytes.com/hc/en-us" id="cta-footernavigation-contactus-linkto-get_support-en">得到支持</a></p> <p><a href="https://www.malwarebytes.com/contact/" id="cta-footernavigation-contactus-linkto-contact_sales-en">联系销售</a></p> <div class="address"> <!-- icon here --> <div class="hq"> <img src="//m.fwgtm.com/wp-content/themes/mb-labs-theme-3.5.13/images/footer/ic-pin-map.svg" alt="地图PIN."> <div class="address-text"> 3979自由圈,12楼<br>圣克拉拉,加州95054</div> </div> <div class="local hidden outside-na"> <img src="//m.fwgtm.com/wp-content/themes/mb-labs-theme-3.5.13/images/footer/ic-pin-map.svg" alt="地图PIN."> <div class="address-text"> 一个阿尔伯特码头,二楼<br>软木病人X8N6<br>爱尔兰</div> </div> </div> </div> </div> <div class="row soc-icon-row hidden-md hidden-lg"> <div class="footer-soc-icon"> <a id="cta-footer-social-twitter-en" class="social socicon-twitter" href="https://twitter.com/malwarebytes" aria-label="Visit Malwarebytes on Twitter"></a> </div> <div class="footer-soc-icon"> <a id="cta-footer-social-facebook-en" class="social socicon-facebook" href="https://www.facebook.com/Malwarebytes/" aria-label="Visit Malwarebytes on Facebook"></a> </div> <div class="footer-soc-icon"> <a id="cta-footer-social-linkedin-en" class="social socicon-linkedin" href="https://www.linkedin.com/company/malwarebytes" aria-label="Visit Malwarebytes on LinkedIn"></a> </div> <div class="footer-soc-icon"> <a id="cta-footer-social-youtube-en" class="social socicon-youtube" href="https://www.youtube.com/user/Malwarebytes" aria-label="Visit Malwarebytes on YouTube"></a> </div> <div class="footer-soc-icon"> <a id="cta-footer-social-instagram-en" class="social socicon-instagram-v2" href="https://www.instagram.com/malwarebytesofficial/" aria-label="Visit Malwarebytes on Instagram"></a> </div> </div> </div> <div class="footer-bottom"> <div class="container"> <div class="row"> <div class="col-xs-10 col-md-2"> <div class="lang-select-container"> <img src="//m.fwgtm.com/wp-content/themes/mb-labs-theme-3.5.13/images/footer/world.svg" alt="全球图标"> <a href="#" class="language-select col-header" id="cta-footernavigation-linkto-languageselect-en">英语</a> </div> </div> <div class="col-xs-12 col-md-10 legal-list-col"> <div class="legal-list"> <div class="legal-link"> <a class="legal" href="https://www.malwarebytes.com/legal/" id="cta-footernavigation-linkto-legal-en">法律</a> </div> <div class="legal-link"> <a class="legal" href="https://www.malwarebytes.com/legal/privacy-policy" id="cta-footernavigation-linkto-privacy-en">隐私</a> </div> <div class="legal-link"> <a class="legal" href="https://www.malwarebytes.com/accessibility/" id="cta-footernavigation-linkto-accessibility-en">无障碍</a> </div> <div class="legal-link legal-last"> <a class="legal" href="https://www.malwarebytes.com/tos/" id="cta-footernavigation-linkto-tos-en">服务条款</a> </div> </div> <br class="hidden-md hidden-lg"> <p class="p-year">©<span class="currentYear"></span>保留所有权利</p> </div> </div> </div> </div> </footer> <!-- language select overlay --> <section id="overlay-lang" class="text-center text-white" style="overflow-y: scroll;"> <div class="container"> <div class="row center-row"> <div class="col-md-10"> <p class="h2">选择你的语言</p> </div> </div> <div class="row center-row"> <div class="col-md-5"> <div class="text-center"> <ul class="list-unstyled" id="intl-sites"></ul> </div> </div> </div> </div> </section> <!-- pillar page select overlay --> <section id="pillar-pages" class="text-white overlay" style="overflow-y: scroll; display: none;"> <div class="container"> <div class="row"> <div class="col-md-10"> <p class="h2"><a href="https://www.malwarebytes.com/cybersecurity/" id="cta-labs-footernavigation-lightbox-learn-linkto-cybersecurity-en">网络安全基础知识</a></p> <p>你介绍与网络滑轨有关的一切,以及如何阻止它们。</p> </div> </div> <div class="row"> <div class="col-md-8 pillar-pages-list"></div> </div> </div> </section> <div style="display:none"> <div class="grofile-hash-map-8ff7688dd7aaf66effb89c65203ee7c3"></div> </div> <link rel="stylesheet" id="jetpack-carousel-css" href="//m.fwgtm.com/wp-content/plugins/jetpack/modules/carousel/jetpack-carousel.css?ver=9.5.3" type="text/css" media="all"> <!--replace with onetrust --> <!----> <style> .ce-banner { display: block; position: fixed; width: 100vw; background: #fff; bottom: 0; left: 0; z-index: 99999; box-sizing: border-box; padding: 20px; text-align: center; box-shadow: 0px 0px 20px #424242; } .ce-banner a { margin: 0 10px; } </style> </body> </html>