Cybercriminals Constantly Using Public Events to Serve Malware

Online criminals frequently spread malware by exploiting people's concern about the ongoing incidents, security researchers pointed out.

Recently, during the 3rd week of April 2010, a new bogus anti-virus scam cashed in on Peter Steele's death news. Steele was the man who led band Type O Negative, according to the blog post of Kaspersky's Senior anti-virus Researcher Nicolas Brulez, published by SCMAGAZINEUS on April 15, 2010.

Wrote Brulez in his blog post that not much time had passed since the spread of the news on April 14, 2010 when attackers using the techniques of BHSEO (blackhat search engine optimization) corrupted the search results. This they did to make their malicious web-links come up on higher ranks as users searched to get updates of Steele's death, Brulez posted.

So when users followed the poisoned links, they landed on fake software named CleanUp AntiVirus.

As a matter of fact, CleanUp AntiVirus is completely phony security software that's designed to steal information from computers. The program mimics any common anti-spyware while including system scanners. All these are to make the rogue software appear increasingly persuasive to victims. Further, the fake software is another member of the Virus Doctor group of bogus security programs.

Significantly, Google, the search giant, points out that rogue AV applications are on an increase as they account for 15% of the total malicious software detected.

Meanwhile about BHSEO techniques, Senior Security Specialist Patrik Runald at F-Secure Security Labs observes that it's increasingly becoming a prevalent trend. On average, the total count of malevolent websites that came up in Google searches through the use of Google trending topics increased to 13.7% in 2009 for the top 100 search results, he writes. Mediapost.com reported this in the end-week of March 2010.

It implies that for each set of 100 search results, approximately 14 web-links returned may direct to a malicious website instead of the one that was searched for.

Finally, cyber-criminals exploiting a famous person's death isn't something new. In June 2009, after the demise of Michael Jackson, poisoned BHSEO search results delivered scareware in the initial 100 results for the related search. Likewise, cybercriminals also used deaths of actress Natasha Richardson and actor Patrick Swayze to serve SEO tactics to serve users with malicious webpages.

Related article: Cheburgen.a: A New Email Worm

» SPAMfighter News - 4/27/2010