Beware of MS Antispyware 2009

A few people are getting sucked into installing MS Antispyware 2009. They go to some site and get a popup offering to install this program. Think about it. Normal websites don’t offer antispyware programs through a popup.

What’s wrong with this program? It contains a virus and the victim actually consents to install it. Sean-Paul Correll has provided an excellent video and a write-up at the PandaLabs Blog about this menace.

What is different about this exploit is the use of hundreds of SEO pages targeting major brands such as Ford and Nissan – search for some specific model or a car part and you will find links (mostly in Poland – .pl) that include dangerous infections as reported by Norton Internet Security.


Targeted Blackhat SEO Attack against Ford Motor Co. from Panda Security on Vimeo.

The following Google search “site:.pl nissan” has a few normal results at the top of the page, but then you get dozens of weird subdomains such as (don’t go there):

  • 347.aw.lubomogo.az.pl
  • 666.oo.mrfehz.wroclaw.pl
  • 872.zw.owncav.warszawa.pl

All of them are marked noarchive, hence you won’t see a Cached link. Most of these are doorway pages to p0rn sites but some also include infectious content.

Ash Nallawalla

Search strategist experienced in large, complex websites. Ash's Google+ profile

Related Posts

Amateur Hour – EU DisInfo Lab finds fake Indian news sites

Ash Nallawalla

21 December 2019

SEO

Feel free to share...FacebookTwitterRedditStumbleUponLinkedinemailMany news outlets are reporting an interview with a Brussels NGO called EU DisInfo Lab, (click the link to read the story) which found 265 websites in “65 countries” that posted the same content in an apparent attempt to influence Members of the European Parliament. The material was pro-India. I am not […]

Read More

Your account is currently unavailable due to a site issue. 2019

Ash Nallawalla

18 July 2019

SEO

Feel free to share...FacebookTwitterRedditStumbleUponLinkedinemail Facebook users. You get this message on the screen, “Account Temporarily Unavailable. Your account is currently unavailable due to a site issue. We expect this to be resolved shortly. Please try again in a few minutes.” Don’t panic. It’s a recurring problem and it is probably not just you facing the […]

Read More

Older Posts