Searching for Easter eggs leads to malware
Posted on 06.04.2012
Blackhat SEO is a popular tactic for malware peddlers to distribute their wares to unsuspecting victims, and the weeks before major holidays are always a perfect time for poisoning search results for search terms tied to them.

Easter is a couple of days away, and since gifting chocolate Easter eggs and thematically decorating homes is a big part of the celebration, it's no wonder that the results for typically innocuous search terms like "chocolate", "easter eggs" or "decorating tips easter secrets" include malicious ones.

According to Sophos, when those last two search terms are combined, the very first result leads users to be infected with a fake AV variant by the name of "Windows Care Taker":

The malware feigns to have discovered a massive infection, and in order to clean the computer asks the victim to purchase the full version:

"The reason why SEO attacks are successful, is that all of us tend to trust search engine results," says Sophos' Fraser Howard.

To prevent bad things to result from this tendency, he advises installing a reputable security product; using plug-ins that hide or modify the referrer that tells the page that one has landed on it via a search engine; and looking critically at the URL of the page before clicking on it, as most of the time the domain looks completely unrelated to the topic.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th