Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Patrik Runald, chief security advisor at F-Secure, has discovered that as the ‘Mikeyy' worm hit the headlines over the weekend, spammers have taken advantage to use search engine optimisation techniques to spread malicious links.
Runald claimed that it was “no surprise at all that Google searches for information about the Twitter worm would lead to malware sites; it was really just a matter of time. Especially not after all the talk about it over the weekend and the guy behind it confessing everything. Malicious search results about popular news are something we see very often unfortunately.” F-Secure showed that a search for the ‘Twitter worm' on Google gave a malicious link in the top ten results, and clicking on the link will redirect to ‘videxxxxxs.cn' which immediately redirects you to 'loyxxxxxxno.com' which tricks you into downloading a fake video codec from ‘cxxxxxxxxaz.com'. Runald claimed that the fake codec is malware, a Trojan downloader that downloads some additional malware, including a rogue security product called WinPC Defender, which shows fake malware detections. He later posted an update that revealed searching for ‘Mikeyy' also leads to malicious results.Runald said: “Like all rogue security products it will tell you that you have malware on your PC and that you have to buy the product to remove them. This is more expensive then usual though as they want you to pay US$69.99 when the usual rate seem to be US$39.95.”See original article on scmagazineuk.com
F-Secure showed that a search for the ‘Twitter worm' on Google gave a malicious link in the top ten results, and clicking on the link will redirect to ‘videxxxxxs.cn' which immediately redirects you to 'loyxxxxxxno.com' which tricks you into downloading a fake video codec from ‘cxxxxxxxxaz.com'. Runald claimed that the fake codec is malware, a Trojan downloader that downloads some additional malware, including a rogue security product called WinPC Defender, which shows fake malware detections. He later posted an update that revealed searching for ‘Mikeyy' also leads to malicious results.Runald said: “Like all rogue security products it will tell you that you have malware on your PC and that you have to buy the product to remove them. This is more expensive then usual though as they want you to pay US$69.99 when the usual rate seem to be US$39.95.”See original article on scmagazineuk.com
Runald claimed that the fake codec is malware, a Trojan downloader that downloads some additional malware, including a rogue security product called WinPC Defender, which shows fake malware detections. He later posted an update that revealed searching for ‘Mikeyy' also leads to malicious results.Runald said: “Like all rogue security products it will tell you that you have malware on your PC and that you have to buy the product to remove them. This is more expensive then usual though as they want you to pay US$69.99 when the usual rate seem to be US$39.95.”See original article on scmagazineuk.com
He later posted an update that revealed searching for ‘Mikeyy' also leads to malicious results.Runald said: “Like all rogue security products it will tell you that you have malware on your PC and that you have to buy the product to remove them. This is more expensive then usual though as they want you to pay US$69.99 when the usual rate seem to be US$39.95.”See original article on scmagazineuk.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.
