Mobile Version Subscribe to Virus Experts – We Make Your Digital Life Secured RSS FeedSubscribe to Virus Experts – We Make Your Digital Life SecuredComments FEED

Browse > Home /

Google ‘malware’ sponsored advert delivers fake anti-virus

July 15, 2010 by admin  
Filed under Security News

Leave a Comment

“Be careful what you ask for – you might get it.”

 

That’s the thought running through my head today after I searched for the word “malware” on Google.

 

As you’ll see in the following short YouTube video I made, a sponsored link right at the top of the Google search results points to a fake anti-virus website posing as a legitimate security company:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

 

If you download the fake anti-virus program promoted on the website you risk infection by malware identified by Sophos as Troj/FakeAV-AOV.

 

 

Read More…

 

Tags: , , , , ,

Bogus Sponsored Link Leads to FAKEAV

September 27, 2009 by admin  
Filed under Security News

Leave a Comment

Apart from SEO poisoning, cybercriminals have found another avenue to proliferate FAKEAV malware—bogus sponsored links (sitio patrocinados in Spanish). Just recently, Trend Micro researchers were alerted to malicious search engine ads that appeared in Microsoft’s Bing and AltaVista, among others, when a user searches the string “malwarebytes.” (Malwarebytes is a free antivirus product, but of course, not a FakeAV.) Clicking the malicious URL points the user to an executable file named MalwareRemovalBot.exe-1 (detected by Trend Micro as TROJ_FAKEAV.DMZ).

 

Click for larger view


Figure 1. Malicious banner ad on Bing


Click for larger view

Figure 2. Malicious banner ad on AltaVista


Upon execution, the rogue antivirus displays false information that the system is infected with files that do not even exist.


Click for larger view

Figure 3. Fake scan results


In the past, cybercriminals employed the same tactic when it hitchhiked on Trend Micro. Some Google searches then showed banner ads that led to a fraudulent Trend Micro website.

 

Though the ads may not appear in all regions, all users are still strongly advised to be extra careful when clicking links in search engines. Users connected to the Trend Micro Smart Protection Network are protected from this attack as it detects and blocks all malicious URLs.

 

 

by Erika Mendoza (Threat Response Engineer) at Trendmicro.com

 


Tags: , , ,