'Heath Ledger' search results lead to malicious sites

By

Cyber criminals are actively exploiting yesterday’s shock passing of Australian actor Heath Ledger by manipulating search results related to the actor to lead to malicious sites, Trend Micro has warned.

'Heath Ledger' search results lead to malicious sites
Only hours after the actor’s death, searching for terms “Heath” or “Ledger” resulted in malicious URLs appearing on search listings, according to Bernadette Irinco’s post on the TrendLabs malware blog.

Discovered by Ivan Macalintal, research project manager at Trend Micro, if a reader clicked on a malicious search result they could automatically be redirected to another unrelated site requesting the user to upgrade some software on their PCs.

“The site [then] requires the user to download a ‘new version of ActiveX Object.’ As expected, this is just the beginning of a series of redirections that end in the download of different malicious files (like TROJ_RENOS.LZ in one infection chain, and WORM_NUCRP.GEN in another),” wrote Irinco.

Millions of global and Australian readers are at risk after reports found that Ledger’s name was highly searched for yesterday and even topped several search engine results including Google’s 100 ‘Hot Trends’.

Adam Biviano premium services manager at Trend Micro A/NZ said the threat was almost predictable as any large scale news headline generally is under attack from some sort of malware attack.

"It’s interesting to see how quickly these malicious websites are appearing in search engines. Typically, high profile sites are indexed much more quickly.

“It may be the case that because a large news headline hits the streets the attackers are looking for websites that are already high in the search engine rankings to actually place their malware into.”

This isn't the first time hackers have been caught using SEO techniques to spread their malware. Last November Christmas search terms including ‘Christmas gift’ search results were used.

Ledger’s body was discovered yesterday in his New York apartment.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?