Just another Informatin of Virus
Bogus Sponsored Link Leads to FAKEAV
25Sep2009 Filed under: TrendLabs Author: adminApart from SEO poisoning, cybercriminals have found another avenue to proliferate FAKEAV malware—bogus sponsored links (sitio patrocinados in Spanish). Just recently, Trend Micro researchers were alerted to malicious search engine ads that appeared in Microsoft’s Bing and AltaVista, among others, when a user searches the string “malwarebytes.” (Malwarebytes is a free antivirus product, but of course, not a FakeAV.) Clicking the malicious URL points the user to an executable file named MalwareRemovalBot.exe-1 (detected by Trend Micro as TROJ_FAKEAV.DMZ).
Figure 1. Malicious banner ad on Bing
Figure 2. Malicious banner ad on AltaVista
Upon execution, the rogue antivirus displays false information that the system is infected with files that do not even exist.
Figure 3. Fake scan results
In the past, cybercriminals employed the same tactic when it hitchhiked on Trend Micro. Some Google searches then showed banner ads that led to a fraudulent Trend Micro website.
Though the ads may not appear in all regions, all users are still strongly advised to be extra careful when clicking links in search engines. Users connected to the Trend Micro Smart Protection Network are protected from this attack as it detects and blocks all malicious URLs.
Post from: TrendLabs | Malware Blog – by Trend Micro
One Response to “Bogus Sponsored Link Leads to FAKEAV”
Leave a reply
About this blog
Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Quisque sed felis. Aliquam sit amet felis. Mauris semper, velit semper laoreet dictum, quam diam dictum urna, nec placerat elit nisl in quam. Etiam augue pede, molestie eget, rhoncus at, convallis ut, eros. Aliquam pharetra. Nulla in tellus eget odio sagittis blandit. Maecenas at nisl. Nullam lorem mi, eleifend a, fringilla vel, semper at, ligula. Mauris eu wisi.
free palm pre
October 24th, 2009 at 2:59 am
Excellent article, bookmarked for future referrence