Web Hunt for British Escapee Could Produce Malware

Security researchers have cautioned that a BHSEO (Black Hat Search Engine Optimization) campaign is targeting Web-surfers looking for Raoul Moat's photos online. Moat is a man whom the British police presently hunting. Actually, the online attack is manipulating search results on Google Images to take Web-surfers to malware-serving URLs, as reported by SoftPedia on July 8, 2010.

British officials have been on alert since July 3, 2010 when Moat, equipped with a gun, killed his former girlfriend, her new boyfriend and a policeman.

As the manhunt has been on for five days, the UK public is trying to get updated news about the incident. The incident has drawn worldwide attention as well. Therefore, many people outside Britain are going online to get the new details of the entire episode. Simultaneously, malware purveyors have become active too and exploiting the situation.

Christopher Boyd, malware Researcher at Sunbelt (an antivirus company) has cautioned that using Google Images to search for "Raoul Moat" will return malevolent URLs, as reported by SoftPedia on July 8, 2010.

While blogging, Boyd notes that each and every Web search on Google Image right from the top diverts users to serveradobe.co.cc. The URL displays a bogus prompt, "Install this" after which a file named V11_adobe_flash.exe is pushed for download. Sunbelt has identified this file as a malware called VirTool.Win32.Obfuscator.hg!b (v).

Out of 41 antivirus programs on VirusTotal (a free Internet scan service for malware and viruses), 11 could detect VirTool - a rate slightly low. While the security investigators at Sunbelt are working to understand the file, it appears that the file is fake antivirus software or something similar.

Meanwhile, the security researchers stated that the BHSEO manipulation spree seemed to be all set in action, rendering the results in Image Search useless and equipping them all with spurious Web-links.

Thus, the security specialists advise Web-surfers to remain vigilant of the campaign. Additionally, they are advised to deploy all the essential security software and keep the software up-to-date for averting any chance of getting trapped.

Related article: Web Browsers Too Have Security Exploits

» SPAMfighter News - 20-07-2010

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial