Image SEO: Celebrity images and Fake Anti-Virus programs
At the end of last week a strange thing happened when I was googling.
Whilst listening to the radio I heard the name of the actress Barbara Hershey. Being only vaguely familiar with the name, I typed it into Google. In doing so I stumbled on a deliberate attempt to poison Google Image results with pages constructed to infect victims with scareware (Fake anti-virus malware).
A video illustrating this attack is shown below.
The sites hosting the image was ranked highly by Google, due to SEO techniques. But the site contains a malicious script, detected as Troj/JSRedir-F, which redirects victims to another site from where fake AV malware is installed.
SophosLabs has seen a number of other sites affected using the same ruse, deploying images of a number of celebrities:
- Shania Twain
- Warren Beaty
- Jodie Kidd
- Victoria Sylvstedt
- Hugh Hefner
- Princess Tiaamii Andre (spawn of Peter Andre and pneumatic equestrian Jordan)
Plus a number of people I haven’t heard of. Plus animals, vegetables and minerals (one is a photo of the HIV retrovirus!).
All the sites seen so far are being hosted on Blogspot, and SophosLabs is working with Google to get the sites shut down.
Posted on January 6th, 2009 by Pob, SophosLabs, UKFiled under: General, Malware, Web
Windows 7 security - A great leap forward or business as usual?
