
Halloween Black Hat SEO Campaign Brings the Monster under the Bed Closer

Halloween is just around the corner, and while you’re getting ready for some pumpkin pie and other delights around the jack-o’-lantern, cyber-crooks are hard at work, busy bringing you the crème de la crème of search engine poisoning.

Two malware runs are particularly important these days. If you’re planning to find templates for Halloween invitations, or if you’re trying to find a print shop for what you already have, then you should keep an eye on what search results you’re about to click.

Malicious results for queries related to Halloween

Black-Hat SEO is a technique in which cyber-criminals manipulate the relevancy of the organic results displayed by search engines in order to redirect users who search for specific terms to pages that could potentially harm them. In this case, the crooks use a variety of legit domains that have been hacked into and infected with malware (note the random folders created in the root of each domain).

Depending on your “luck”, you might encounter one of the following scenarios:

  • You stumble upon an infected link that will redirect you to an assortment of rogue antivirus websites that try to scare you into buying useless “security utilities”;
  • You get lured into installing “klcodec-2010”, a codec that is allegedly necessary in order for you to correctly view your Halloween card. The so-called codec is nothing more than the infamous TDSS Trojan, a rootkit-enabled piece of malware that is used for a variety of purposes, from sending spam mail to stealing information related to e-banking.
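
For owners of the legit domains abused in a campaign like this one, the pattern described above (unfamiliar folders in the root of the domain, reached from search results) can be looked for in the web server's access log. The Python below is an added example, not part of the original article or of any Bitdefender tool; the log lines, the folder name `xkqzjw`, the list of search engines and the list of known directories are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Combined Log Format: request line, status, size, referrer.
LOG_RE = re.compile(
    r'"(?:GET|POST|HEAD) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ "(?P<ref>[^"]*)"'
)
SEARCH_LABELS = {"google", "bing", "yahoo"}   # assumption: engines to watch
KNOWN_DIRS = {"blog", "images", "css", "js"}  # assumption: folders you publish

# Constructed sample log lines (not taken from the article).
SAMPLE_LOG = [
    '203.0.113.7 - - [29/Oct/2010:10:01:02 +0000] "GET /xkqzjw/halloween-invitation-templates.html HTTP/1.1" 200 5120 "http://www.google.com/search?q=halloween+invitation+templates" "Mozilla/5.0"',
    '203.0.113.9 - - [29/Oct/2010:10:02:10 +0000] "GET /blog/opening-hours.html HTTP/1.1" 200 2048 "http://www.google.com/search?q=print+shop+hours" "Mozilla/5.0"',
    '198.51.100.4 - - [29/Oct/2010:10:03:44 +0000] "GET /xkqzjw/halloween-cards.html HTTP/1.1" 302 0 "http://search.yahoo.com/search?p=halloween+cards" "Mozilla/5.0"',
    '198.51.100.8 - - [29/Oct/2010:10:04:00 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
]


def search_terms(referrer):
    """Return the query typed into a search engine, or None for other referrers."""
    parts = urlsplit(referrer)
    if not SEARCH_LABELS & set((parts.hostname or "").split(".")):
        return None
    query = parse_qs(parts.query)
    terms = query.get("q") or query.get("p")  # Yahoo uses p=
    return terms[0] if terms else None


def unknown_root_folders(log_lines, known_dirs=KNOWN_DIRS):
    """Map each unexpected root folder to the search queries that led to it."""
    hits = defaultdict(list)
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m or m["status"][0] not in "23":  # keep served pages and redirects
            continue
        segments = urlsplit(m["path"]).path.split("/")
        if len(segments) < 3:                    # file directly in the root
            continue
        terms = search_terms(m["ref"])
        if segments[1] not in known_dirs and terms is not None:
            hits[segments[1]].append(terms)
    return dict(hits)


if __name__ == "__main__":
    for folder, queries in unknown_root_folders(SAMPLE_LOG).items():
        print(f"/{folder}/ reached from {len(queries)} searches: {queries}")
```

A folder reported here that the site owner never created, and that attracts visitors searching for topics the site does not cover, deserves a closer look on disk.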

Here are a couple of hints on what to do in order to stay safe during the holidays:

  • Make sure you have installed an antivirus solution and that it is up to date;
  • If you are a BitDefender user, make sure that Search Advisor is turned on – never click on any links that have been labeled as dangerous;
  • If you’re getting any warning message when visiting a page, leave it at once;
  • Do not install software from untrusted locations, especially when they impersonate a codec. Use the vendor’s page instead if you plan to download this kind of software.

If you’re reading this article a little too late for prevention, you should run a free, 60-second QuickScan to see if your computer’s security has been affected.

About the author

Bogdan BOTEZATU

Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.