Security experts are warning Apple fans searching for more news about the firm’s upcoming iCloud service to beware of poisoned search results that could lead them to fake anti-virus web pages, reports “V3” (http://macte.ch/ugMzA).
Trend Micro fraud analyst Paul Pajares said in a post on the Trend Labs Malware blog (http://macte.ch/mKSZb) that his team had uncovered several attempts by cyber criminals to take advantage of the popularity of the search term.
“Cybercriminals typically use search engine optimization (SEO) poisoning techniques to trigger malicious URLs hosting FAKEAV malware. These blackhat SEO techniques use Google as its referrer to run the malicious file download,” he writes. “In this case, the file downloaded is one named SecurityScanner.exe, or what Trend Micro detects TROJ_FAKEAV.HKZ.”
He adds: “Using the keyword ‘icloud mymobi’” results in a possibly malicious URL. MyMobi appears to be a compromised news site about gadget information. We’ve previously blocked the site because of the malicious activity, but since it appears that the site has since then cleaned up, it is now unblocked. In the image pictured above, the domain mymobi.com is infected with files containing the file name “.php3″ and the “icloud” keyword. In this instance, hackers insert topics containing keywords to gain high page ranking in Google search results for phishing bait, specifically for the rogue antivirus software, Windows Antispyware for 2012.”
These URLs aren’t accessible via the URL address bar. Instead, they show up in Google searches. Pajares added that the Trend team has also seen several pages with file names containing “apple” and “icloud” in what look like compromised sites, indicating a “possible co-ordinated mass compromise leveraging these keywords.”
Earlier this month, Apple introduced iCloud, a set of free new cloud service that works with applications on your Mac, iPhone, iPad, iPod touch or PC to automatically and wirelessly store your content in iCloud and automatically and wirelessly push it to all your devices. When anything changes on one of your devices, all of your devices are wirelessly updated almost instantly. It will debut later this year.
— Dennis Sellers