informa
/
Vulnerabilities/Threats
Products & Releases

Hackers Using the Final Episode Of "Lost" To Spread The MySecurityEngine Fake Antivirus

Recent death of rock singer Ronnie James Dio is also being used to distribute fake antivirus programs
ORLANDO, Fla. May 19, 2010 – – PandaLabs, Panda Security’s antimalware laboratory, has in the last few hours, detected the proliferation in search engines of numerous Web pages distributing the MySecurityEngine fake antivirus. The ‘bait’ used in this case has been the much anticipated final episode of the popular ABC series “Lost.”

There is nothing new about the way this infection operates. When someone searches for information relating to this series on the Internet, such as news on the final episode or how to view it via streaming video, fake Web pages which have been expertly indexed to appear in the leading positions among the results are listed (image available at: http://www.flickr.com/photos/panda_security/4621101704/). If users click these links, they will be prompted to accept the download of a file, such as a codec, and the fake antivirus will be installed on the computers (image available at: http://www.flickr.com/photos/panda_security/4621101736/).

PandaLabs has also discovered that in addition to “Lost,” similar techniques to lure potential victims have been detected with other popular shows and searches including “Glee,” “The Family Guy” and the recently released film, “Iron Man 2.”

The recent death of the Rainbow and Black Sabbath rock singer, Ronnie James Dio, has also been exploited by hackers to deploy a powerful Black Hat SEO attack across the Web.

According to Luis Corrons, Technical Director of PandaLabs, “What continues to surprise us is the speed with which the numerous websites are created and then indexed and positioned on the Internet. As the screening of the final episode of “Lost” approaches we expect the number of malicious links to double or triple.”

With this in mind, PandaLabs recommend users (particularly fans of the series) to be wary when visiting websites through search engines, and try to make sure the pages they visit are reliable. If users should be directed to fake websites, it is essential that no downloads are accepted. “Using your common sense and having good up-to-date protection installed are the two best ways of staying safe from these threats,” adds Corrons.

About PandaLabs

Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of Collective Intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.

Currently, 99.4 percent of malware detected by PandaLabs is analyzed through this system of Collective Intelligence. This is complemented through the effort of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), working 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.

More information is available in the PandaLabs blog: http://www.pandalabs.com.

For more information, visit http://www.pandasecurity.com/.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5