Alerts
Ice Skating Car Video Black Hat SEO
Date:01.11.2010
Threat Type: Malicious Web Site / Malicious Code
Websense Security Labs™ ThreatSeeker™ Network has discovered that a popular video called "Paignton Ice Skating for Cars" has been targeted by both SEO poisoning attacks as well as Web spam.
As a wave of icy weather is currently hitting large parts of Europe, the video has proved to be very popular, with currently more than 850,000 hits on Yahoo Video. A different uploaded version on YouTube has had more than 1 million views so far. Criminals have used the video's popularity as an opportunity to spread rogue anti-virus programs by poisoning the search results of major search engines. When the term "ice skating car" is searched via Google, nearly half of the search results on the first page redirect the user to rogue anti-virus sites. Clicking any of those links takes the user to a Web site with the message: "Your PC is at risk of virus and malware attack." That's an old trick used to lure unsuspecting users to download a fake anti-virus installer.
Here is the screenshot of the first page of a search for "Ice Skating Car" in Google: 
This is the screenshot of the fake anti-virus site: 
The black hat search results in Google redirect the user through several sites, most of which are hosted in Russia, before finally landing in the rogue anti-virus site. The criminals often change the second site in the redirection chain in order to make it harder to detect. The file has a relatively low AV detection rate.
Websense® Messaging and Websense Web Security customers are protected against this attack.