Malware, scareware appear in search results provided by Office.Microsoft.com

From: http://www.mxlogic.com/securitynews/web-security/malware-scareware-appear-in-search-results-provided-by-officemicrosoftcom370.cfm


Security researchers say that black-hat SEO has created an opportunity for scareware purveyors to spread their bogus software to unsuspecting users via one of Microsoft's own websites.

Malware experts at Websense last week released a blog post detailing the presence of malicious websites redirecting to a rogue anti-virus page in search results from Office.Microsoft.com. Websense says that the problem is made more serious by the fact that Microsoft adds a redirect from its own page, so the malicious URLs appear to be hosted by Microsoft, not the malware pushers.

The researchers said that the phony anti-virus program is "very real-looking" and that most anti-virus products do not recognize the executable as being malicious. PC Magazine reports that Microsoft has issued a statement, saying that the malicious redirects were introduced via a vulnerability in a third-party tutorial on the Office website.

Scareware pages pushing fake anti-virus software has been one of the fastest-growing types of online criminal activity over the past year, experts say. Generally run by well-organized criminal gangs in Eastern Europe, the scam has taken in millions in profits.ADNFCR-1765-ID-19551370-ADNFCR