March Madness-related SEO Poisoning Leads To Rogue AV
Threat Type: Malicious Web Site / Malicious Code
Websense Security Labs™ has received reports that searching for March Madness-related terms in Google's search engine returns results that lead to rogue antivirus software. March Madness is the term given to an elimination tournament held each spring featuring college basketball teams in the United States.
With only a few days left before the tournament starts, if a user searches for popular March Madness-related terms in Google, malicious URLs as high as the first result are returned. Search terms that currently exist within the Top 10 of Google's Hot Trends (the most popular search results) return these malicious URLs.
The technique of search engine optimization (SEO) poisoning pushes the infected URLs to the top of the search results, to increase the likelihood of a user clicking through to the malicious link.
Ask.com is also confirmed to be affected in this way. Other search engines may be affected in a similar manner.
Screenshot showing affected Google results:
Screenshot of Web site hosting rogue AV:
Websense® Messaging and Websense Web Security customers are protected against this attack.