Super Bowl associations: football, nachos, big screens and … malware?

The Super Bowl is the one of the biggest and most watched television events of the year in the United States. People everywhere scour the internet looking for predictions, gambling spreads and news before the event and scores, stories and clips after the event. In anticipation of the increased search traffic for Super Bowl-related terms, cybercriminals have shown themselves to be well-organized and planning ahead. Search results for Super Bowl-related search terms are already turning up top-ten results linked to malicious websites.

Among the poisoned search terms detected by eSoft are: 
Super bowl 2010 score
Super bowl 44 MVP
Super bowl 2010 entertainment
Super bowl champions 2010

For some of these searches, the top result is malicious. It seems that this round of poisoning is, so far, being done by the Rogue AV outfits as these links lead to sites with fake antivirus software and low detection rates from legitimate anti-virus software:

Background

Poisoned search results are becoming commonplace. Most recently, searching for information on the earthquake in Haiti returned large numbers of poisoned results. Getting bogus search results to the top of the rankings is commonly achieved by linking to the site from compromised sites or fake blogs and thereby boosting the apparent popularity of the bogus site. The bogus site is then used to compromise the machine of visiting users through social engineering tricks and browser or browser-plugin exploits.

eSoft’s automated systems quickly identify these risky websites and block them for customers and partners.

eSoft recommends confining Super Bowl searches to news search engines such as Google News.  These results tend to be safer since the sources have gone through an approval process.

Comment on this blog