Spamblogs Pushing Rogue Antivirus Programs

| | Comments (2)
Nothing earth-shattering, but worth a mention anyway. I've noticed a couple of blogs pushing security blog feeds are also hawking pretend Youtube vids:

Click to Enlarge

When the videos are clicked, you'll find your browser vanishes down onto the taskbar, replaced by this sitting in the middle of the screen:


Once you click the popup box away, you're confronted with this:


Click to Enlarge

...a randomly selected rogue antivirus product. From here on it, any and all attempts to get rid of this page results in an endless barrage of popups, scare tactics ad hilariously lame warning messages (note the first one is called a "Security Update"):





Wow, they just get more and more hysterical, don't they?

The site to block that's pimping the fake videos is




After reading this article, I was wondering if you have noticed a significant presence of spam forums using similar techniques lately? I run a free forum host and I notice every once in a while a forum is created where the admin uses a javascript redirect code to hijack / redirect the visitor from the forum's URL on my server to similar sites as mentioned above pushing fake video files. Of course I delete anything I find right away, however I was wondering if you noticed at all a trend of forums on free forum hosts being hijacked / redirected to these spam blogs or malicious websites?


Hey! I've heard a few people mention something along these lines but not seen an example of it - if you have any, feel free to email me


and I'll try and check it out before you delete it (or failing that, grab some screenshots and send them my way too, this sounds pretty interesting).

Leave a comment

About this Entry

This page contains a single entry by Christopher Boyd published on August 11, 2008 7:50 PM.

Marketing Bot Allows Insertion of Custom Facebook Feed Messages was the previous entry in this blog.

Trust No One? is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.