Beware of MS Antispyware 2009

A few people are getting sucked into installing MS Antispyware 2009. They go to some site and get a popup offering to install this program. Think about it. Normal websites don’t offer antispyware programs through a popup.

What’s wrong with this program? It contains a virus and the victim actually consents to install it. Sean-Paul Correll has provided an excellent video and a write-up at the PandaLabs Blog about this menace.

What is different about this exploit is the use of hundreds of SEO pages targeting major brands such as Ford and Nissan – search for some specific model or a car part and you will find links (mostly in Poland – .pl) that include dangerous infections as reported by Norton Internet Security.


Targeted Blackhat SEO Attack against Ford Motor Co. from Panda Security on Vimeo.

Loading...

The following Google search “site:.pl nissan” has a few normal results at the top of the page, but then you get dozens of weird subdomains such as (don’t go there):

Loading...
  • 347.aw.lubomogo.az.pl
  • 666.oo.mrfehz.wroclaw.pl
  • 872.zw.owncav.warszawa.pl

All of them are marked noarchive, hence you won’t see a Cached link. Most of these are doorway pages to p0rn sites but some also include infectious content.

Loading...

Ash Nallawalla

Search strategist experienced in large, complex websites. SEO consultant.

Related Posts

Double Your Internet Speed?

Ash Nallawalla

5 September 2020

SEO

Feel free to share...FacebookTwitterRedditStumbleUponLinkedinemailHave you seen the ads that tempt you to “double” your internet speed? I don’t know what they sell, but there are free options to try first. I remembered Steve Gibson from the early days for his SpinWrite program, so I didn’t hesitate to try out his free program DNS Benchmark – […]

Read More

Automated Facebook “Community Standards” decisions are getting ridiculous.

Ash Nallawalla

18 March 2020

SEO

Feel free to share...FacebookTwitterRedditStumbleUponLinkedinemail I shared an article from the Sydney Morning Herald that I saw on Facebook, with my comment ” Interesting analysis of the UK approach” – that is all I said. I think there were some interactions on that post. Today I received a notification (screenshots follow). I had no option to […]

Read More

Older Posts