[Owasp-singapore] Microsoft Security Essentials SEO Poisoning

Wong Onn Chee ocwong at usa.net
Wed Sep 30 09:56:02 EDT 2009


http://securitylabs.websense.com/content/Alerts/3485.aspx

Websense Security Labs(TM) ThreatSeeker(TM) Network has discovered that
search engine results for information on how to download Microsoft's
recently released Security Essentials tool are returning links to Web
sites that serve rogue AV.

Malware authors have used Search Engine Optimization (SEO) techniques to
mix rogue search results in with legitimate results. For example, one of
the rogue links is directly under a MSDN blog entry discussing Microsoft
Security Essentials. The rogue redirects are hosted on compromised Web
sites, including a Canadian publisher's Web site and the British Travel
Health Association.

When a user browses to the compromised Web sites, so long as they have
been referred by a search engine, they are redirected to malicious Web
sites with domain names such as computer-scanner21 and
computervirusscanner31.





More information about the Owasp-singapore mailing list