Cyber criminals cash in on Korea clashes

Search requests related to Korean border incident hijacked by fake AV scammers

Tags: Cyber crimeMalwareSouth KoreaTrend Micro Incorporated
  • E-Mail
Cyber criminals cash in on Korea clashes The malware attempts to redirect search results related to border clashes between North and South Korea. (Getty Images)
By  Mark Sutton Published  November 24, 2010

Cyber criminals are already attempting to cash in on yesterday's clashes between North and South Korea, according to Trend Micro.

The security company reports that within several hours of the cross-border incident, search results related to the subject of the clash, had been poisoned by scammers.

Hijacks were detected for both English and Korean languages.

The hijacked search results direct users, depending on browser to a fake ActiveX control or a Flash Player update, which then uses a fake anti-virus threat, to try to convince the user that their PC has been infected and that they need to buy bogus anti-virus software to remove it.

In a security blog posting, Trend said that the fake antivirus variant seen in this attack is now detected as TROJ_FAKEAV.SMRY, and that the company was already blocking the sites hosting the malicious files.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code