Home / / Cyber criminals cash in on Korea clashes

Cyber criminals cash in on Korea clashes

Search requests related to Korean border incident hijacked by fake AV scammers

Cyber criminals cash in on Korea clashes
The malware attempts to redirect search results related to border clashes between North and South Korea.

Cyber criminals are already attempting to cash in on yesterday's clashes between North and South Korea, according to Trend Micro.

The security company reports that within several hours of the cross-border incident, search results related to the subject of the clash, had been poisoned by scammers.

Hijacks were detected for both English and Korean languages.

The hijacked search results direct users, depending on browser to a fake ActiveX control or a Flash Player update, which then uses a fake anti-virus threat, to try to convince the user that their PC has been infected and that they need to buy bogus anti-virus software to remove it.

In a security blog posting, Trend said that the fake antivirus variant seen in this attack is now detected as TROJ_FAKEAV.SMRY, and that the company was already blocking the sites hosting the malicious files.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.