BHSEO Attacks Exploit Fake YouTube Pages & Flash Player Updates
The Trend Micro security experts have released a warning about the growing black hat search optimization (BHSEO) campaigns, which take advantage of the fake YouTube pages and Flash Player updates to make the users install malware on their systems.
It should be noted that BHSEO has been a commonly used process to spread malware on the Internet in recent times. In this process, a malicious website PageRank is falsely inflated to make them appear on the first pages of search results for keywords matched to recent news events.
Trend Micro has stated that in the latest attacks, the company noticed that the enquiries for links like videos of "Teresa Guidice,"(a reality TV celebrity) "Holly Davidson,"(British actress) and the oil spill of BP initially led to pages like YouTube even before appearing to the fake malware threat warnings. These results are mainly compromised sites which will entice the users to open these infected sites.
The Trend Micro security experts have also noticed a change, where blackhat SEO combines with another famous malware system. In this case, the search results to the thread "Mel Gibson Tapes" get directly connected to the installer of Adobe Flash Player instead of going to pages having malware infection instructions.
Such pages can fool users by making them believe that link attached with the video needs an Adobe Flash Player installation to see it.
After the detailed investigation of this threat, Marco Dela Vega (Threat Response Engineer, Trend Micro) states that the cyber criminals behind his attack know every detail as they used a trustable interface regarding the bogus Adobe installer and a convincing strong URL suggesting that this is an actual Adobe-based site, as reported by trendmicro on July 14, 2010.
Norman Ingal, Threat Response Engineer at Trend Micro, states that with the continuous increase in SEO blackhat attacks, users are recommended that they should be extremely cautious when conducting searches. He further advices that the users should use a full-proof and up-to-date antivirus program on the system.
Related article: Bugs Swell In Browsers in 2006
» SPAMfighter News - 26-07-2010