Computer Security Research - McAfee Labs Blog

Collateral Damage (continued)

Friday August 7, 2009 at 6:36 am CST
Posted by Francois Paget

While Dmitri Alperovitch wrote his blog entry about the recent DDoS attack against Twitter and some other platforms hosting accounts of a pro-Georgian blogger nicknamed cyxymu, I browsed the Internet, searching for malicious websites taking advantage of this topic.

In second place in my google search request, I was attracted by a link proposing to add the blogger to my friends. This link was a lure redirecting me on a site promoting a fake anti-virus product.
null
Once again, we did not have to wait long before encountering such sites taking advantage of the news.

This entry was posted on Friday, August 7th, 2009 at 06:36 and is filed under Malware Research, Potentially Unwanted Programs, Scams, Uncategorized, Web and Internet Safety. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “Collateral Damage (continued)”

Once again, we did not have to wait long before encountering such sites taking advantage of the news. | IT Security Gurus Says:
August 7th, 2009 at 11:02
[...] Computer Security Research – McAfee Avert Labs Blog. Share and [...]
Jason Says:
August 9th, 2009 at 19:08
We have a malicious program that originates with an autorun.inf and an exe that derives it’s name from the user (i.e. Joe User.exe). The autorun also directs to shell32.dll. When infected, it runs the exact Windows Security Alert spoof in your screen shot. To date the only virus scanner I’ve found to identify it is F-prot, which identifies it as W32/VBTrojan.6!Maximus but doesn’t clean it.

Do you have something available to eradicate this? I have searched the past two days with no luck.

Collateral Damage (continued)

2 Responses to “Collateral Damage (continued)”

Leave a Reply

Archives

Categories