Word Press Users Attacked by False AV Attack
Websense, a Security Company has spotted a new gush of mass malware disrupt during a wellknown antivirus campaign, which is targeted at websites hosted by word press Content Management System, reported by TECHWORLD on March 6, 2012.
The attacks have been found in over 200,000 infected pages, closing to 30,000 different websites. These kinds of malware injection captures visitors to malware-infected sites and readdresses them to fraud sites in an attempt to trap them and functionalize Trojan download being installed into their system.
Among 85% of the compromised sites are in the US. However, everyone who visited these sites is warned by websense.
It is said that when users load the page, they enter a top-level domain .rr.nu that intimate a security scan, which ask them to download a spiteful program which seems to clean viruses from their system. This scam is working in various form for years and websense noticed that it's been tracking this specific threat for quite a long time.
The real code being injected into susceptible sites is very short on the bases of norms, and can be found just before the tag displayed in the bottom of a malware-infected page.
No new features observed the rogue AV scams with such a huge number of malware-infected web page and compromised websites in on-going campaign. It's evident that these scams are still working," as claimed by Senior Researcher at Websense Lab, Elad Sharf, according to the news of TECHWORLD on March 6, 2012.
Cyber crooks have succeeded in making the website page resemble the Windows by Windows Explorer along with Windows Security Alert Dialogue Box so that, they could convince the victim about their genuineness. On successful achievement of the same, the victim will fall prey of the same and be prompted to download and install antivirus application in the form of a Trojan executable.
Also, by a report from the antivirus Vendor at Kaspersky on October 2001, attacks that disturb fake antivirus software had been on a decline, due to the law enforcement initiatives, improvement in the algorithms filtered from search engines undertaken by the security committee to interrupt cybercriminals distribution network.
» SPAMfighter News - 14-03-2012