Massachusetts Senate Race Spread Malware

In the third week of January 2010, several Web users, who had been looking for the breaking news and analysis of the Republican Party's astonishing success in the Massachusetts Senate race, became the targets of cyber attackers and their increasingly sophisticated exploitation of search engine results.

As per a blog written by Symantec's Security Response group product manager, Kevin Haley, the much-talked about victory of GOP (Grand Old Party) candidate Scott Brown over Democrat Martha Coakley lured malware creators as it had caught the attention of several online readers, as per the reports by internet news on January 21, 2010.

Symantec revealed that 33 out of the top 100 results from a search for "Massachusetts senate race results" took users to harmful sites. Further, 11 out of the first 100 results for the related search of "Brown Coakley results" led users to dangerous websites where they were pressurized to purchase and download forged antivirus software.

The methodology of operation was standard. When clicked, the link of a seemingly authentic site displayed in the search results automatically redirected the browser towards a webpage that hit innocent user with a variant of System Security Rogue found by BitDefender as Trojan.FakeAV.ABT.

Its nature was identical to its older versions - XP Antivirus, antivirus 2009, AV360, Personal antivirus or Total Security Rogue: when landing on the malware circulation webpage, the browser window was automatically minimized and an alert message concurrently showed - informing the user about numerous system infections and the accessibility of System Security.

By clicking on either CANCEL or OK buttons of the many pop-up windows attacking the screen, the user starts bogus movies that play in the restored browser window. The movie imitates a scanning procedure that evidently finds several malware on the system. Other forged pop-up windows try to cheat the user into installing the malware.

To avoid being target of it, Symantec are suggesting Web users to always update their authentic security software applications, be careful about all the search engine results, be aware of any pop-up displays and banner advertisements and never accept or open dubious error displays within their browsers.

Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails

» SPAMfighter News - 1/30/2010