Attackers use final Lost episode to spread rogueware

PandaLabs detected the proliferation in search engines of numerous Web pages distributing the MySecurityEngine fake anti-virus. The “bait’ used in this case has been the much anticipated final episode of the series “Lost’.

There is nothing new about the way this infection operates. When someone searches for information relating to this series on the Internet, such as news on the final episode or how to view it through streaming, fake Web pages would appear which have been expertly indexed to appear in the leading positions among the results.

If users click these links, they will be prompted to accept the download of a file, such as a codec, and the fake anti-virus will be installed on the computers.

And it is not just “Lost’ that is being exploited in this way. In the last few days we have also detected similar techniques to lure potential victims using series including “Glee’, “Family Guy’ or the recent release of the film “Iron Man 2′.

The recent death of the Rainbow and Black Sabbath rock singer, Ronnie James Dio, has also been exploited by hackers to deploy a powerful Black Hat SEO attack across the Web.

According to Luis Corrons, Technical Director of PandaLabs, “What continues to surprise us is the speed with which the numerous websites are created and then indexed and positioned on the Internet. As the screening of the final episode of “Lost’ approaches we expect the number of malicious links to double or triple.”

With this in mind, we recommend users (particularly fans of the series) to be wary when visiting websites through search engines, and try to make sure the pages they visit are reliable. If users should be directed to fake websites, it is essential not to accept any downloads. “Using your common sense and having good up-to-date protection installed are the two best ways of staying safe from these threats”, adds Corrons.