For last couple of weeks we received quite a bit of reports of images on Google leading to (usually) FakeAV web sites.
Google is doing a relatively good job removing (or at least marking) links leading to malware in normal searches, however, Google’s image search seem to be plagued with malicious links. So how do they do this?
The activities behind the scenes to poison Google’s image search are actually (and unfortunately) relatively simple. The steps in a typical campaign are very similar to those I described in two previous diaries (Down the RogueAV and Blackhat SEO rabbit hole – part 1 at http://isc.sans.edu/diary.html?storyid=9085 and part 2 at http://isc.sans.edu/diary.html?storyid=9103). This is what the attackers do:
Read More......
XP Home Security, Vista Home Security 2011, Win 7 Internet Security are new version of multi -named Rogue Anti-spyware from Braviax family is noticed in the wild. The rogues are named randomly, depending on Operating System, and have always OS version in the name.
Subscribe to:
Posts (Atom)
