Sunday, February 28, 2010

Beware of Fake Alerts and Antiviruses When Google Searching the recent Chile Earthquake

Symantec issued a security response in a blog posting yesterday stating the following:

A massive earthquake struck near the Chilean city of Concepcion in the early hours of the morning of February 27th, 2010. The quake measuring 8.8 on the Richter scale was considerably stronger than the one that recently caused widespread destruction on the island of Haiti. Fortunately, despite the size of this latest quake, so far there has been few reported casualties. The quake occurred near the coast and tsumani warnings were issued for many countries bordering on the Pacific ocean. Unfortunately as with any major news event, miscreants are not slow to pounce when such opportunities arise to further their aims.

Search engine results returned for terms such as “Chile Earthquake” are being poisoned to lead users to rogue antivirus web sites.


For further investigation and curiosity, I changed the keywords a little and to my surprise the rogue antivirus webpages are appearing on the first google search page.

Any combination of keywords such as tsunami, santiago, chile, earthquake, pictures, etc. would display poisoned search results on google. Many of the results appear to be compromised legitimate websites. A small sample of such websites include the following (enter at your own risk):