Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Internet Crooks Distribute Fake AV via September 11 SEO Campaign

According to security specialists at Trend Micro, as people observe the 8th centenary of September 11, 2009 militant assaults on the United States in 2001, Internet fraudsters too have started exploiting the general public's concern to spread bogus anti-viruses popularly called rogueware or scareware.

The specialists explain that as per a common practice over recent months, cyber criminals are launching the attack by using BHSEO (black hat search engine optimization) techniques. In this technique, search results are poisoned with malevolent web-links through the artificial inflation of web pages' ranks in a search engine.

Furthermore, the specialists, who examined certain SEO manipulated search results' screenshots, stated that it was apparent that Internet crooks had compromised a large number of search terms (keywords) as well as text from authentic sources. Thereafter, the results produced lead visitors to malicious websites, which seemed to present various kinds of details pertaining to the September 11 assaults, ranging from uncommon media coverage, footage and images of the incidents to articles about fresh memorial monuments.

Describing the most recent round of cyber attacks, Jessa De La Torre, Threat Response Engineer at Trend Micro, wrote on the company's blog on September 11, 2009 that surfers searching for any information about September 11 might get stacks of Google search hits, which took them to a harmful antivirus malware. The malware, according to Trend Micro's detection was TROJ_FAKEAV.BOH, Torre wrote.

He further explained that the Trojan might enter the computer posing as a security scanner namely 'Scanner-7c545a_2031.exe.' It was downloaded from many malicious websites listed among the poisoned search results on Google, while the surfers remained totally unaware.

When executed, TROJ_FAKEAV.BOH shows a runtime fault and tries to connect with http://{BLOCKED}netwok.com. The malware, wrote Torre, worked on Windows NT, ME, Server 2003, 98, 2000, and XP.

Moreover, Trend Micro specialists said that since criminals responsible for TROJ_FAKEAV.BOH showing no signs of slowing down, users needed to avoid unknown websites produced within Search Engine results, instead they visit established news agencies so that rogueware or malicious software downloads could be minimized.

Related article: Internet Threat Volumes Overwhelm Security Companies

» SPAMfighter News - 9/29/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page