While testing some Google searches, I came across an interesting result searching for Cialis, a popular anti-erectile dysfunction drug commonly sold by dubious online resellers. The fourth Google result returned a forum for Silverlight, a programmable web browser plugin by Microsoft (Figure 1). Interested, I clicked on the link and found an interesting post.

This doesn’t really look like a med spam, since everything is just plain text advertisement with no Buy Now or Click this link, but this is close to being a med spam, probably a failed attempt to create one on the Silverlight forum website. So I kept on looking and found other Silverlight forum members peddling other Cialis and other drugs, and this time, successfully creating a med spam site on the Silverlight site.

I found around fifty of these med spam pages hosted free by Silverlight, all of which are supposed to be profile pages of Silverlight Community members, but crafted by the “member” to advertise med spam.

More troubling is that this doesn’t end with med spam. Some spam profile leads to fake anti-virus programs. Several “RedTube” profiles (supposed to be porn video streaming) link to a site which needs you to “download the Tube Video player to play this video”.

The downloaded file install.exe is actually a fake AV detected as TROJ_FAKEAV.ODN.

We’ve alerted Microsoft of this abuse. We are hoping that the spam posts will be deleted as soon as possible. Meanwhile the Trend Micro Smart Protection Network provides users complete protection against this threat.