Endpoint Protection

 View Only

iPad SEO Poisoning Leads To Rogue Security Software 

Jan 28, 2010 06:19 AM

Yesterday we saw SEO poisoning attacks when searching for keywords such as "Apple Tablet". Now, after the product announcement has been made, we are seeing the same attack with the actual name of the product included in the search term.

Using search terms like "Apple Ipad rumor" or "Apple Ipad size" are likely to produce results from sites like youcanbesureforsafe.net, antyspywarescanblog.com, or mastersmegasecurity.net, ultimately compromising your computer with rogue security software.

goog.jpg

2ndpopup.jpg

No worries for Symantec product users.  Our HTTP FakeAV Redirect Request IPS signature will detect the attack.  Our Trojan.FakeAV!gen13 heuristic detection will also catch the rogue security software that's eventually downloaded on to the computer.  For network administrators, you can add the two rogue security software domains mentioned above to a blacklist, as well as xtijzl.xorg.pl and the IP address 93.158.114.163, both of which are used in the attacks.

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.