zveloLABS™ has detected a new widespread compromise, with tens of thousands of domains infected. Cybercriminals have used stolen credentials, placing specially crafted pages into legitimate websites that lead visitors to malicious payloads.
This post is for those users who are not already familiar with this widespread and common threat known as “Rogue AV,” or fake anti-virus software.
zveloLABS™ researchers have been tracking a recent campaign abusing Google Groups to spread malicious links in Spam emails. Users following the link are infected with a Downloader Trojan, silently infecting the machine with various types of malware including Rogue Anti-Virus.
Today, the Boeing 787 Dreamliner jet completed its much awaited first flight. As users searched to find videos and news articles related to the story, blackhats quickly moved in for yet another attack against Google search results.