Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

June 2nd, 2009

University redirectors

It looks like malware authors are using slighly modified tactics for spreading malware. In order to circumvent the website reputation services, they’re now hosting malware redirectors on famous US university sites.Since such domains are usually trusted by both the users and the reputation services, this ‘layer’ of security is not effective for such a kind of attack. Since the academic world is also quite open and lets almost anybody upload anything, even completely unknowning users can setup programs and services in unsafe way. The names of schools and other identification details were removed from the following list:

edu_redir1

Small excerpt from our malware url database.

And, how to get there? Simple, just ask for some porn based keywords on Google, and you should spot it in first 20 results:

edu_goo1

Google results.

This link leads just to the simple redirector page:

Simple redirector

Simple redirector

This page redirects users to another redirector, which then leads to the fake porn site with faked codec. And that’s another story.

Categories: analyses Tags:
Comments are closed.