Nov 19
by Bernadette Irinco (Technical Communications)
TrendLabs researchers were alerted to the discovery of spammed messages that contained Twitter URLs. The spam uses subjects such as "N3 Earn Extra Income! 7L", "C2 Exrtra Income Daily 4P", and "Q0 $$$ Oppurtunity 6O". It informs users about supposed work-from-home opportunities for Google that pay good sums of money. It then entices users to click the Twitter URL to view the details of the bogus ‘opportunities.’
When users click the link, they will land on the sender’s Twitter page where another URL is ...
Nov 19
by Jonathan Leopando (Technical Communications)
Media reports have revealed the existence of fake blogs that were used to spread FAKEAV malware. The blogs do not actually contain any useful content. Instead, they have posts that contain nothing but images with post titles that use a wide variety of topics. The images used appear to have simply been taken from a Google Images search with the post title in question as the search term.
If a user visits the blogs in question by merely entering their URLs, ...
Nov 18
by Erika Mendoza (Threat Response Engineer)
TrendLabs threat analysts found another FAKEAV campaign piggybacking on the Leonid meteor shower and the much-anticipated sequel to the Twilight saga, New Moon. Users searching for news and updates using the keywords “meteor shower tonight november 16 time” and “New Moon premiere live stream” end up with poisoned search results. These results redirect users to fake online scanners, which ultimately lead to the download of a FAKEAV variant detected by Trend Micro as TROJ_FAKEAV.MET.
Upon execution, TROJ_FAKEAV.MET drops malicious files and displays ...
Nov 16
by Jessa De La Torre (Threat Response Engineer)
As Filipinos and Puerto Ricans were busy rooting for their champions in yesterday’s fight, so were cybercriminals who wished to capitalize on the match. Through SEO poisoning, users searching for a live stream of the Pacquiao vs Cotto fight were instead served a FAKEAV variant.
According to Threat Response Engineer Jasper Manuel, search results led to the download of TROJ_FAKEAV.MAN. Clicking the link displays the following image:
Users who are interested in watching Pacquiao’s upcoming fights (i.e., with Mayweather) are advised to stay away from ...
Nov 14
by Nino Penoliar (Anti-spam Research Engineer)
Trend Micro threat analysts received samples of spammed messages purporting to have come from the mobile phone companies Vodafone and Verizon Wireless. The email messages carry the subject “Your credit balance is over its limits” and inform users that their credit balance is due. To review the payments, users are told to use the balance checker tool attached to the email.
When users open the attached .ZIP file, they will not find a balance checker tool but will instead get a malicious file (balancechecker.exe) ...