Final episode of ‘Lost’ used by hackers to spread the MySecurityEngine fake antivirus
05/19/2010

- Other series and films also used as bait to distribute malware: PandaLabs has detected similar attacks using keywords including Glee, Family Guy and Iron Man 2

Online PR News – 19-May-2010 – – The recent death of rock singer Ronnie James Dio has been used to distribute fake antivirus programs.

PandaLabs, Panda Security’s anti-malware laboratory has in the last few hours detected the proliferation in search engines of numerous Web pages distributing the MySecurityEngine fake antivirus. The ‘bait’ used in this case has been the much anticipated final episode of the series ‘Lost’.

There is nothing new about the way this infection operates. When someone searches for information relating to this series on the Internet, such as news on the final episode or how to view it through streaming, fake Web pages would appear which have been expertly indexed to appear in the leading positions among the results (image available at: http://www.flickr.com/photos/panda_security/4621101704/). If users click these links, they will be prompted to accept the download of a file, such as a codec, and the fake antivirus will be installed on the computers. You can see a pic at: http://www.flickr.com/photos/panda_security/4621101736/

And it is not just ‘Lost’ that is being exploited in this way. In the last few days we have also detected similar techniques to lure potential victims using series including ‘Glee’, ‘Family Guy’ or the recent release of the film ‘Iron Man 2’.

The recent death of the Rainbow and Black Sabbath rock singer, Ronnie James Dio, has also been exploited by hackers to deploy a powerful Black Hat SEO attack across the Web.

According to Luis Corrons, Technical Director of PandaLabs, “What continues to surprise us is the speed with which the numerous websites are created and then indexed and positioned on the Internet. As the screening of the final episode of ‘Lost’ approaches we expect the number of malicious links to double or triple.”

With this in mind, we recommend users (particularly fans of the series) to be wary when visiting websites through search engines, and try to make sure the pages they visit are reliable. If users should be directed to fake websites, it is essential not to accept any downloads. “Using your common sense and having good up-to-date protection installed are the two best ways of staying safe from these threats”, adds Corrons.

More information at www.pandalabs.com

About PandaLabs
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of Collective Intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.
Currently, 99.4% of malware detected by PandaLabs is analyzed through this system of Collective Intelligence. This is complemented through the effort of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), working 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.
More information is available in the PandaLabs blog: http://www.pandalabs.com
For more information, visit http://www.pandasecurity.com/.

For more information:
communication@pandasecurity.com
Tel. +34 91 806 37 00