Notorious Worm Stuxnet Used in Poisoned Search Results

Cyber crooks are now taking advantage of the infamous Stuxnet worm as a way to deploy malicious code.

Trend Micro researcher Ivan Macalintal has discovered poisoned search results leveraging on this notorious malware threat. Among the search strings used in this blackhat SEO campaign were “stuxnet SCADA,” “stuxnet removal tool,” “stuxnet cleanup,” “stuxnet siemens” and “stuxnet worm.”

Some of these poisoned search words and phrases came up as top results. One of the malicious URLs lead users to sites that exploit vulnerabilities. Additionally, in some of the search results, users are redirected to sites with PDF and SWF exploits.

“In effect, it leads to various payloads which include a downloader that installs other malicious codes on the system, and a FAKEAV variant detected as TROJ_FAKEAV.SMZU,” Bernadette Irinco writes on the Trend Micro Malware Blog. “FAKEAV variants are known for banking on popular searches and news events to lead users into buying rogue antivirus software.”

In another example, a malicious URL disguises itself as a bogus YouTube page pointing users to a malware. Trend Micro has detected it as TROJ_CODECPAY.AY.

Notorious Worm Stuxnet Used in Poisoned Search Results

You may also be interested in...

DHS Expands CDM Approved Product List With McAfee Data Security Solutions

McAfee’s device-to-cloud data protection and threat prevention products are now available on the Department of …

GSA Seeks Cloud-Based Audit, Risk Management Tool

The General Services Administration has issued a request for information on ideas intended for the …

Zscaler Web Gateway Tool Gets FedRAMP Certification; Stephen Kovac Comments

Zscaler has received a Federal Risk and Authorization Management Program certification for its internet security and …