I love this one, I was reading the Sans Report about Michelle Obama Ta’s Ta’s on Video. I wanted to investigate this a little further so I went searching around. I found some comment spam links to a site I will not talk about the links directly. The site however had a fake video on it :
It looks like if you hit Cancel or Details it keeps trying to tell you need to install an ActiveX Object. It also makes the user think that there is only one option to use right now. As you can tell it makes you think you can’t cancel or get details but I did. I tried to cancel and it kept on popping up trying to get you to install this active X installer. AVG detects it as:
[ad]This proves the fact that any Anti-virus software is better than nothing at all. I also have talked in the past about [intlink id=”2991″ type=”post”]fake codecs and how they are used maliciously[/intlink] to spread malware to people who aren’t up to the job. I didn’t take long to find Phrases such as “Michelle Obama Topless” or “Michelle Obama Topless Video” to find spam comments linking to sites that are hosting these types of malware. It seemed that in order to get out of the cycle with the Malware site, I had to do a CLT-ALT-DELETE and End the process of Internet Explorer process from Task manager. It was an infinite loop and could not be closed any other way. upon trying to go the link again it seems to be a random redirection every time you visit that site the next time I went there, I had a scare message pop up telling me:
As you can tell this [intlink id=”3397″ type=”post”]pops up with scareware[/intlink] instead of the video and tries to tell you have a virus and you should run a free scan from the site of their choice. This is an old tactic and still being used but funny if you look at that message one you know it is from a “Webpage” and two there are at least one grammar error? Can you see it?
You’re best bet is not to go clicking on links that people have left in comments. I am so glad I have moderation turned on and I have to approve each and every post someone comments on. This is the only way I know how to prevent from being used in the spam campaign. Remember it is time to update your [intlink id=”2205″ type=”page”]Anti-virus and Firewall [/intlink]if you don’t already have it. Don’t forget to visit the Forums and help discuss this problem in detail.
Yes, there is a plethora of websites that hide nasties.
As you said, free AVG is better than no anti-virus. It has gotten me out of binds on several occasions.
Thanks for posting the screenshots it is really helpful to see exactly what they look like.