Experiencing the spirit of the biggest football festival in the world, hackers have taken advantage of World Cup with a new sophisticated wave of BlackHatSEO attacks.

When users search Google with keyword “espn world cup schedule”, they may get malicious result as below:

Picture 1 : Malicious result for “espn world cup schedule”

Clicking the result, users will be redirected to a FakeAV which showing many fictional infections on your computer.

Picture 2 : FakeAV

The sub-domains used in this BHSEO campaign are free domains registered at website

Hackers have made these BlackHatSEO attacks more sophisticated by using Ban IP address technique. If an IP is redirected to that FakeAV page more than once in a certain period, that IP will be redirect again to a genuine page. This technique causes trouble to security experts in investigating and tracking the FakeAV

Picture 3 : The genuine page

Bkis would recommend users to raise their awareness when enjoying World Cup and using Internet, and update the latest version of antivirus software on their computers.


Leave a Reply

Name (required)
Mail (hidden) (required)
Text to Identify

Popup Date Time Portlet

Blogs Aggregator

Recent Posts

Blog Category Portlet


Store Portlet


Vote Baby Portlet