Blog Archive

Friday, 24 September 2010

Malware authors zero in on multiple sclerosis sufferers

Today we found some poisoned search results on Google that were aimed at people searching for information about the new drug Gilenya, which is used to treat multiple sclerosis.

This would  be a good term to use in an SEO poisoning attack since it had beeen in the news. Earlier this week it was announced that the drug company Novartis AG had won approval from the U.S. Food and Drug Administration to sell it. (News story here.)

So, basically, the sick fools who try to make a buck with malicious code are targeting people suffering from MS or their caregivers.

The poisoned search results appeared when someone misspelled Gilenya as “Gilenia” and was set up to download a Trojan horse program that (conjecturing here) would further download a rogue security product or worse.

 
(Click graphic to enlarge)

By the time we got to check out the second site, its owners apparently had removed the malcode. The Google search spider on its last sweep, however, had found that page had the same text as the first poisoned page.

(Click graphic to enlarge)

That’s FraudTool.Win32.FakeVimes!VB (v)

The poisoned site has been taken down.

Thanks StopBadware.

Tom Kelchner

No comments:

Post a Comment