Web Fraud Victims Blinded by Solar Eclipse

As people look for information or video online, it’s important that they understand that cybercriminals may be using this opportunity to find more victims. This is another example of how cybercriminals capitalize on global events and major news stories with wide consumer interest, which make lucrative markets for them. Other recent examples are Swine Flu and the release of Harry Potter and the Half-Blood Prince.

The longest solar eclipse in the last century occurred in July 2009 across Asia, attracting a significant amount of media, user and, therefore, cybercriminal interest.

Feeding off the intense interest, innocent users have been attacked as they view search results about the eclipse.

In one example, on the 21st of July 2009, searching ‘solar eclipse 2009 time’ yielded search results that led to the download of a fake antivirus program.

When the user clicked on the link in Google, they were redirected to http://[....]ever.cn/go.php?id=2010-10&key=b8c7c33ca&p=1, which in turn redirected them to http://[....]scannerv2.com/1/?id=2010-10&query=b387f2133&q=%3, the fake antivirus page.
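The redirect chain described above (search result, then a `go.php` gate, then a landing page on another domain with the same `id` value carried along) can be hunted for in web proxy logs. The following is an added example, not part of the original post: the log records, host names and key values are constructed placeholders, and the search-engine list and the three-host threshold are assumptions.

```python
from urllib.parse import urlsplit, parse_qsl

SEARCH_ENGINES = ("google.", "bing.", "yahoo.")  # assumed referrer list

# Constructed proxy records: (client, url, referer, status, Location header).
# Hosts are placeholders; only id=2010-10 mirrors the article's URLs.
SAMPLE_LOG = [
    ("10.0.0.5", "http://blog.example/eclipse-times",
     "http://www.google.com/search?q=solar+eclipse+2009+time", 302,
     "http://gate.example/go.php?id=2010-10&key=aaaa1111&p=1"),
    ("10.0.0.5", "http://gate.example/go.php?id=2010-10&key=aaaa1111&p=1",
     "", 302, "http://scanner.example/1/?id=2010-10&query=bbbb2222"),
    ("10.0.0.5", "http://scanner.example/1/?id=2010-10&query=bbbb2222", "", 200, ""),
    ("10.0.0.9", "http://news.example/eclipse",
     "http://www.google.com/search?q=solar+eclipse", 301, "http://news.example/eclipse/"),
]

def host(url):
    return urlsplit(url).hostname or ""

def query_values(url):
    return {v for _, v in parse_qsl(urlsplit(url).query)}

def from_search(referer):
    h = host(referer)
    return any(h.startswith(p) or "." + p in h for p in SEARCH_ENGINES)

def redirect_chain(log, client, start_url):
    """Follow one client's 3xx Location headers from start_url."""
    hops = {(c, u): loc for c, u, _, st, loc in log if 300 <= st < 400 and loc}
    chain = [start_url]
    while hops.get((client, chain[-1])) not in (None, *chain):
        chain.append(hops[(client, chain[-1])])
    return chain

def suspicious_chains(log):
    """Search-referred chains spanning 3+ hosts that carry a query value across hosts."""
    flagged = []
    for client, url, referer, _, _ in log:
        if not from_search(referer):
            continue
        chain = redirect_chain(log, client, url)
        carried = set()
        for a, b in zip(chain, chain[1:]):
            if host(a) != host(b):
                carried |= query_values(a) & query_values(b)
        if len({host(u) for u in chain}) >= 3 and carried:
            flagged.append((client, chain, sorted(carried)))
    return flagged
```

Run over the constructed log, `suspicious_chains(SAMPLE_LOG)` flags only the first client's chain; the second client's same-host redirect to a trailing slash is ignored.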

Two days later, the malicious domain is still in the top 10 of Google search results; luckily, the domain it redirects to is no longer available.

In a second example, the same search query (shown below) produces a result that, when selected, displays an image. The image appears to be a movie ready to be played. However, clicking on this image initiates a malicious download of Trojan.FakeAlert.

Details of Trojan.FakeAlert

PC Tools Threat Expert analysed the downloaded file as follows:

Trojan.FakeAlert will hijack the desktop background with an image alerting the user that their computer system has been infected with spyware. It also changes some Windows® settings, including disabling the user’s permission to change the background image and setting the Active Desktop to ‘show web content’. It is usually installed in conjunction with a rogue anti-spyware application.

View the full report here


One Response to Web Fraud Victims Blinded by Solar Eclipse

  1. Leonora Yambao says:

    I know I am on the wrong site again. I am watching it. I need a big help from PC Tools ASAP! Yesterday I was downloading my purchased products and it keeps on denying my Licensed Code. As soon as I exit Internet Explorer every file on my PC was modified and altered. The internet right away was shut down. I keep on receiving messages that every software that I installed has to be genuine certified. So I know there is a hacker on my PC right now. Please I need your help right away. I don’t want to exit right now. I don’t care if I pay extra money for you to solve my problem. Just now I try to download PC Tools to my C Drive and I was prohibited. It wants me to download it somewhere. Need feedback soon please. Thank you. Sir
