Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Security Response

Serena Serves Up an Ace for Malware Pushers

Created: 14 Sep 2009 14:41:55 GMT • Updated: 23 Jan 2014 18:32:43 GMT
Hon Lau's picture
0 0 Votes
Login to vote

Tennis is a huge sport worldwide and yesterday was the women's semi final of the US Open in which Serena Williams lost out to her rival due to a foot fault. To cut to the chase, Ms Williams went on to deliver a verbal volley against the line judge, something about shoving tennis balls … somewhere. The exchange was caught on live video footage and many copies are currently doing the rounds on the Internet. The interest that this incident has stirred, provided the spark needed to ignite yet another SEO campaign to spread malware. In the case of this incident, the malware is encountered when you search for terms such as  "Serena Williams Outburst".

Search results

One of the sites returned from the search goes to a domain named pixnat.com. This looks like another case of hacked web site used to host fake AV scanners leading to new variants of misleading applications.   When the malicious URL is visited, a fake antivirus scan window pops up (same as we have seen this one many a times in the past) and reports that  various threats are detected.

Fake antivirus scanner window

You are then offered a download of a certain application to “fix” the problem, the file has a name of setup_build7_195.exe. At this time the file being served up is corrupt and does not run but we have added a detection for it as Trojan horse. The scale of this SEO poisoning attack is quite small but this incident serves to highlight you have to be careful what you search for. If you want the news, its best to stick with the official source: http://www.usopen.org/en_US/news/articles/2009-09-13/200909131252817986265.html.