Security Alert: Microsoft Security Essentials SEO Poisoning

Posted on Wednesday, September 30, 2009 @ 11:10:22 PDT in Security: Websense
by Raven

Websense Security Labs(TM) ThreatSeeker(TM) Network has discovered that search engine results for information on how to download Microsoft's recently released Security Essentials tool are returning links to Web sites that serve rogue AV.

Threat Type: Malicious Web Site / Malicious Code

Malware authors have used Search Engine Optimization (SEO) techniques to mix rogue search results in with legitimate results. For example, one of the rogue links is directly under a MSDN blog entry discussing Microsoft Security Essentials. The rogue redirects are hosted on compromised Web sites, including a Canadian publisher's Web site and the British Travel Health Association.

When a user browses to the compromised Web sites, so long as they have been referred by a search engine, they are redirected to malicious Web sites with domain names such as computer-scanner21 and computervirusscanner31.

An example of one of the payload files shows that AV detection is low.

To view the details of this alert Click here
click Related        click Share
Associated Topics


News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 346,362,045
  • Today: 17,049
Server InfoServer Info
  • Jan 22, 2018
  • 08:34 am PST

Daily Inspiration