As always, attackers are hard at work on the black hat SEO front. Today’s target is the Apple iPad.
Search engine optimization poisoning is being used to rope users entering keywords such as “Apple Tablet” and “Apple iPad rumor” into downloading rogue security software. According to Symantec, the terms lead users to results from malicious sites such as youcanbesureforsafe.net, mastersmegasecurity.net and antyspywarescanblog.com.
On its blog, a screenshot taken by Symantec showed the poisoned results were among the top 20 results appearing on Google. Such campaigns typically follow the news. For example, in the wake of the earthquakes in Haiti, scammers hit search engines with similar efforts to try to lure users to malicious sites.
Symantec says it detects the rogue security software associated with the Tablet results as Trojan.FakeAV!gen13. Network administrators can add xtijzl.xorg.pl and the IP address 126.96.36.199 to a blacklist, as they are used in the attacks, Symantec advised.