Searching for Corey Haim leads to Rogue Antivirus Software
This is an example of creative Blackhat SEO poisoning attacks. The crooks use unscrupulous methods to build strong response to an emerging key word exploiting a recent event. In this case they exploit the death of Corey Haim to direct people to Malware masquerading as antivirus software. As noted in this article on 17% of AV products would detect this product, meaning 83% of products would allow it to infect your PC.
Security Labs
Searching for Corey Haim Leads to Rogue AV
Threat Type: Malicious Web Site / Malicious Code
Websense Security Labs™ ThreatSeeker™ Network has discovered that search terms related to Corey Haim have become the latest target for Blackhat SEO poisoning attacks.
Corey Haim, 1980s teen idol actor and a star of such famous movies as “The Lost Boys” and “License to Drive”, was found dead in his Los Angeles apartment at the age of only 38 on Wednesday.
Whether it’s a natural disaster or a death, Blackhats monitor and adapt to popular search trends. Not long after the sad news emerged, the search phrase “Corey Haim” became one of the hottest topics in Google trends.
Screenshot of the Google trend:
Cybercriminals again jump at a chance to spread their rogue AVs. When users enter keywords such as “Corey Haim death” in Google, some of the results will lead them to download fake security software. The downloading FakeAV file has only 17% coverage from antivirus products.
4 Responses3 Comments 1 Recommend