Shameless SEO Based on Jakarta Bombing Incident

John Bambenek over at the Handler’s diary posted on this morning’s shameless SEO attempts to redirect news seekers to exploit pages. The end result on a successfully compromised system is a download of FakeAv (or “scareware”). Currently, its name is presented as “Personal Antivirus”:

The ThreatFire community is safe from pav.exe, and there have been a number of triggers on various versions of the file early this morning. Detection by the major AV vendors is very low to non-existent for the current variants.

Surprisingly, the Waledac and Zbot groups have been quiet on this news story so far. We’ll monitor the situation closely.

This entry was posted in The Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>