A false-positive in McAfee's detection of the Wecorl.A virus caused hundreds of thousands of computers around the world to repeatedly reboot themselves, as the antivirus software mistakenly zapped the critical svchost.exe file.
But that hasn't stopped blackhat SEO hackers from creating poisoned Web pages that appear high in the search rankings if you hunt for information on the McAfee false-positive.
Clicking on one of these dangerous links can take you to a Website that harbors the Mal/FakeAV-BW scareware (also known as fake antivirus) attack, designed to trick you into believing you have a serious security problem on your computer -- and urging you to purchase or install other code from the hackers behind the scam.
If you have suffered from the false positive, then I suggest you visit McAfee's Website for advice -- and not to go clicking on unknown links.
More details about the fake antivirus attack associated with the McAfee false alarm can be found on my blog on the Sophos Website.
Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his award-winning other blog on the Sophos website, you can find him on Twitter at @gcluley. Special to Dark Reading.