SCAREWARE - warning message claims the computer is running suspicious applications and the user is encouraged to run a scan
A fast-moving Twitter worm is in circulation, using Google’s goo.gl redirection service to push unsuspecting users to a notorious scareware (fake anti-virus) malware campaign.
At 8:45 a.m EST today, this Twitter search shows thousands of Twitter messages continuing to spread the worm.
According to malware hunters tracking the threat, the worm’s redirection chain pushes users to a Web page serving up the “Security Shield” Rogue AV. The page is using obfuscation techniques that include an implementation of RSA cryptography in JavaScript to obfuscate the page code.
Once a user’s browser session is redirected to the malicious site, a warning message claims the computer is running suspicious applications and the user is encouraged to run a scan. As usual, the result is that the machine is infected with malicious threats and the scam is to trick the user into downloading a fake disinfection tool.
Source: ZDNet News
No comments:
Post a Comment