Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

iPad SEO Poisoning Leads To Rogue Security Software

Created: 28 Jan 2010 11:19:45 GMT • Updated: 23 Jan 2014 18:29:58 GMT
Joji Hamada's picture
+1 1 Vote
Login to vote

Yesterday we saw SEO poisoning attacks when searching for keywords such as "Apple Tablet". Now, after the product announcement has been made, we are seeing the same attack with the actual name of the product included in the search term.

Using search terms like "Apple Ipad rumor" or "Apple Ipad size" are likely to produce results from sites like,, or, ultimately compromising your computer with rogue security software.



No worries for Symantec product users.  Our HTTP FakeAV Redirect Request IPS signature will detect the attack.  Our Trojan.FakeAV!gen13 heuristic detection will also catch the rogue security software that's eventually downloaded on to the computer.  For network administrators, you can add the two rogue security software domains mentioned above to a blacklist, as well as and the IP address, both of which are used in the attacks.