Experiencing the spirit of the biggest football festival in the world, hackers have taken advantage of World Cup with a new sophisticated wave of BlackHatSEO attacks.
When users search Google with keyword “espn world cup schedule”, they may get malicious result as below:
Picture 1 : Malicious result for “espn world cup schedule”
Clicking the result, users will be redirected to a FakeAV which showing many fictional infections on your computer.
Picture 2 : FakeAV
The sub-domains used in this BHSEO campaign are free domains registered at website co.cc.
Hackers have made these BlackHatSEO attacks more sophisticated by using Ban IP address technique. If an IP is redirected to that FakeAV page more than once in a certain period, that IP will be redirect again to a genuine page. This technique causes trouble to security experts in investigating and tracking the FakeAV
Picture 3 : The genuine page
Bkis would recommend users to raise their awareness when enjoying World Cup and using Internet, and update the latest version of antivirus software on their computers.