Serena Serves Up an Ace for Malware Pushers
Tennis is a huge sport worldwide and yesterday was the women's semi final of the US Open in which Serena Williams lost out to her rival due to a foot fault. To cut to the chase, Ms Williams went on to deliver a verbal volley against the line judge, something about shoving tennis balls … somewhere. The exchange was caught on live video footage and many copies are currently doing the rounds on the Internet. The interest that this incident has stirred, provided the spark needed to ignite yet another SEO campaign to spread malware. In the case of this incident, the malware is encountered when you search for terms such as "Serena Williams Outburst".
One of the sites returned from the search goes to a domain named pixnat.com. This looks like another case of hacked web site used to host fake AV scanners leading to new variants of misleading applications. When the malicious URL is visited, a fake antivirus scan window pops up (same as we have seen this one many a times in the past) and reports that various threats are detected.
You are then offered a download of a certain application to “fix” the problem, the file has a name of setup_build7_195.exe. At this time the file being served up is corrupt and does not run but we have added a detection for it as Trojan horse. The scale of this SEO poisoning attack is quite small but this incident serves to highlight you have to be careful what you search for. If you want the news, its best to stick with the official source: http://www.usopen.org/en_US/news/articles/2009-09-13/200909131252817986265.html.