Alert: Microsoft Security Essentials SEO Poisoning

[Webnauts]

Malware authors have used Search Engine Optimization (SEO) techniques to mix rogue search results in with legitimate results. For example, one of the rogue links is directly under a MSDN blog entry discussing Microsoft Security Essentials. The rogue redirects are hosted on compromised Web sites, including a Canadian publisher's Web site and the British Travel Health Association.



When a user browses to the compromised Web sites, so long as they have been referred by a search engine, they are redirected to malicious Web sites with domain names such as computer-scanner21 and computervirusscanner31.



More: Microsoft Security Essentials SEO Poisoning - Security Labs Alert

[cg0404]

Google has not been fond of Redirects in the past, but where there is a will by malicious folks, there is a way.

[deepsand]

This may serve to explain an unusually large no. of recent Google Alerts of late which re-direct to attack vector.

WARNING : Do not follow the below links unless you are certain that your security measures are up to snuff.

Examples of such Alert links include :

http://www.google.com/url?sa=X&q=http://www.daveexmachina.com/zachery_died/glossary.php%3Fidea%3Dpenn-state-iowa-game-time&ct=ga&cd=9QhTU520vTA&usg=AFQjCNH9Xrxll50dQzUc 9hzDcSM-pCq1Kg

http://www.google.com/url?sa=X&q=http://www.leannderthal.com/andrus_ede/messages.php%3Fk%3Dpenn-state-beaver-stadium&ct=ga&cd=6QkR8ZuxaaY&usg=AFQjCNG_ND8Gfs2Rw qYjKi0mFnQUNf7g0g

http://www.google.com/url?sa=X&q=http://rivervalleytherapy.com/vachel_cherlyn/show.php%3Fq%3Dpenn-state-beaver-stadium&ct=ga&cd=C3_4aSYfOMk&usg=AFQjCNGajBJWhEd2J L3eps9QAmnGWTWlzg

http://www.google.com/url?sa=X&q=http://www.51bnb.com/cooper_wren/messages.php%3Fstring%3Dpenn-state-beaver-stadium&ct=ga&cd=_-55_eqMzPE&usg=AFQjCNGfNeKSVNKoICtxdTbry2QldZfLKg

All of the target links contain Anchor Text, here stripped away for display purposes, of "Windows PC Defender - Online Protection."

[Flyinjs]

Thank you Webnauts for the heads up!

[lyrickat21]

That's terrible, I don't understand why people create malicious code, what is the point. I mean, seriously, just get your own life instead of screwing with other people.

[deepsand]

Well, for some, "screwing with other people" is their life!

[lyrickat21]

Well, that is a VERY VERY sad life and I feel sorry for those people because they have nothing else to do with their time.

[deepsand]

Since they're doing it for profit, I doubt that it's necessarily a sad life from their perspective.

[lyrickat21]

Oh, I didn't know that people got paid for creating viruses and malicious code. Why would people pay for that? to put people's competitors out of business or something?

[deepsand]

Two main uses of malware today are :

• Create a network of compromised machines (botnet) which can then be rented out to spammers; and,
• Steal confidential data, such as Account Nos., User IDs, Passwords, etc., which is then sold to those who use it for various types of fraud and/or theft.