News Archive

Twitter worm hits goo.gl, redirects to fake anti-virus

Kaspersky Lab malware researcher Nicolas Brulez said the original “goo.gl” links in the Twitter messages are redirecting users to different domains with a “m28sx.html” page.  That page then redirects to a static domain with a Ukrainian top level address.

As if it was not enough, this domain redirects the user to another IP address which has been linked in the past to fake anti-virus distributions.  ”This IP address will then do the final redirection job, which leads to the actual Fake AV site,” Brulez explained.

Once a user’s browser session is redirected to the malicious site, a warning message claims the computer is running suspicious applications and the user is encouraged to run a scan.  As usual, the result is that the machine is infected with malicious threats and the scam is to trick the user into downloading a fake disinfection tool.

Source: ZDNet.com

PC Tech

Posts on this account are made by various editors.
Back to top button
Do NOT follow this link or you will be banned from the site!
Close

Adblock Detected

Please disable your adblocker to continue accessing this site.