Cory Aquino’s Death Used to Spread Another FAKEAV



by Det Caraig (Technical Communications)

It has only been a few days since former Philippine president Corazon Aquino died of cardio-respiratory arrest last Saturday (August 1). Cybercriminals are already well on their way to using this event for their own selfish gains.

Cybercriminals use popular and high-interest events to further their cause—in this case, spreading fake antivirus software detected by Trend Micro as TROJ_FAKEALRT.FK.

Trend Micro threat analyst Joseph Pacamarra found that searching for details on the former president’s death with the words “corazon aquino’s death” led users to the following malicious sites:

http://{BLOCKED}-gonzales.redxhost.com/corazon-aquino-death.html

http://{BLOCKED}sa.20x.cc/corazon-aquino-death.html

http://{BLOCKED}rank.0adz/corazon-aquino-death.html

http://{BLOCKED}-1.0adz.com/corazon-aquino-died.html

The cybercriminals used the same .php page (1.php) to redirect users who click the links above. However, this page was hosted on different domains, possibly to avoid detection. The redirections from the above links eventually led to the download of a fake antivirus from the following sites:

http://{BLOCKED}-pro-antivirus-scan.com/download.php?id=2022

http://{BLOCKED}-pro-antivirus-scan.com/download/Install-6a1e7ce_2022.exe

http://{BLOCKED}-pro-antivirus-scan.com/download/Install-74f10_2022.exe

http://{BLOCKED}-pro-antivirus-scan.com/download/Install-6a75f_2022.exe

details & screenshots - http://blog.trendmicro.com/
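
A defender's view of the redirect chain described above, as an added example that is not part of the original post or of Trend Micro's write-up: it correlates proxy log entries per client and flags a request to a `1.php` redirector followed shortly by an `Install-<hex>_<id>.exe` download, then groups redirector hosts by download site. The log format, the placeholder hostnames and the 60-second window are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Constructed proxy log lines: timestamp, client IP, URL. All hosts are placeholders.
SAMPLE_LOG = """\
2009-08-04T09:00:01 10.0.0.5 http://landing-a.example/corazon-aquino-death.html
2009-08-04T09:00:02 10.0.0.5 http://redir-a.example/1.php
2009-08-04T09:00:04 10.0.0.5 http://scan.example/download.php?id=2022
2009-08-04T09:00:05 10.0.0.5 http://scan.example/download/Install-6a1e7ce_2022.exe
2009-08-04T09:10:00 10.0.0.9 http://redir-b.example/1.php
2009-08-04T09:10:03 10.0.0.9 http://scan.example/download/Install-74f10_2022.exe
2009-08-04T09:20:00 10.0.0.7 http://intranet.example/1.php
2009-08-04T11:00:00 10.0.0.7 http://vendor.example/download/Install-abc12_7.exe
"""

REDIRECTOR = re.compile(r"/1\.php$")  # redirect page named in the post
INSTALLER = re.compile(r"/download/Install-[0-9a-f]+_\d+\.exe$")  # payload naming from the post
WINDOW = timedelta(seconds=60)  # assumed correlation window

def find_chains(log_text, window=WINDOW):
    """Flag clients that hit a 1.php redirector, then fetched an installer within `window`."""
    last_redirect = {}  # client -> (time, host) of the most recent redirector hit
    alerts = []
    for line in log_text.splitlines():
        parts = line.split(maxsplit=2)
        if len(parts) != 3:
            continue  # skip malformed lines
        ts, client, url = parts
        when, u = datetime.fromisoformat(ts), urlsplit(url)
        if REDIRECTOR.search(u.path):
            last_redirect[client] = (when, u.hostname)
        elif INSTALLER.search(u.path) and client in last_redirect:
            seen, rhost = last_redirect[client]
            if when - seen <= window:
                alerts.append({"client": client, "redirector": rhost,
                               "payload_host": u.hostname, "file": u.path.rsplit("/", 1)[-1]})
    return alerts

def redirectors_by_payload_host(alerts):
    """Group redirector hosts by payload host: many redirectors, one download site."""
    grouped = defaultdict(set)
    for a in alerts:
        grouped[a["payload_host"]].add(a["redirector"])
    return {host: sorted(rs) for host, rs in grouped.items()}
```

The third client in the sample requests a `1.php` and an installer 100 minutes apart, so it falls outside the window and is not flagged.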
