Blog for hpHosts, and whatever else I feel like writing about ....

Sunday, 29 March 2009

Black Hat SEO and Rogue Antivirus p2

The World Wide Web Consortium and Rogue AV

Having your website hacked with IFRAME injected, trojans/backdoors?

Having your pages infected with redirection to rogue antivirus/antispyware?

Having your pages replaced with World Wide Web Consortium article and some
obfuscated javascript code append to them?

This page will show you some recent research about a malware campaign which has infected thousand of websites. In this campain all of these sites have been used to distribute fake antispyware called WinWebSec or FakeSpyGuard.(Sometimes called WinWebSecurity or SystemSecurity2009 with InternetAntivirusPro)

Since July/August 2008 hundreds of thousands of pages on legitimate domains were exploited having web pages stuffed with keywords (porn, celebrities, popular snacks) uploaded to them as a means of attracting victims via search engine results. In some cases, the homepage of the compromised site is being modified, appending hidden links to the malicious web page.

Read more

No comments: