1. “Canadian pharmacy” uses phony YouTube video to attract business
The AVG Web Threats Research team this week found a “Canadian pharmacy” site that has loaded up YouTube with phony videos really intended to game search engine results and draw visitors to their site.
A YouTube search for “nail technician schools in Houston” turns up three legitimate hits about schools, then a lot of other interesting results — each linking to pillsrx24.com. That domain was registered by someone in Moscow, Russia, who appears to live in a pleasant residential section near the Academy of Science botanical gardens in the northern suburbs (thanks Google street view.)
Clicking out the first link presents 26 seconds of video from a Fox news piece on the Food and Drug Administration investigation of questionable eye lash conditioner, then a link to a “pharmacy” site where a visitor can allegedly purchase Lumigan, a drug used to treat glaucoma. The video was uploaded by someone using the name “GerardviWomack”.
A Google search for Lumigan, interestingly enough, presents a link to Gerardvi’s/Fox News’ “Eyelash Wars” video.
Oh, and “GerardviWomack”? He posted 21 similar videos on YouTube last month:
Web users, of course, should be aware of the dangers of purchasing drugs from questionable web sites which usually sell phony products or simply exist to steal credit card information. The YouTube videos demonstrate the elaborate lengths to which these untrustworthy operators will go to get their advertising in front of you.
2. Blackhole-linked ransom ware page under construction
This would be funny if ransom ware wasn’t a miserable problem for those who get infected with it. Someone who is writing a ransom ware page that is installed by the Blackhole exploit kit has it “live” while he’s working on it. Notice the text that says “test.”
Two days previous to that view was this:
3. New Rogue GUIs
Below is a sampling of the graphic interface variants, many delivered by the Blackhole exploit kit that we’ve seen in the last week:
Antivirus Protection 2012 rogue
Windows Antivirus Rampart rogue
Windows Guard Tools rogue
Windows Multi Control System rogue
Windows Pro Safety rogue
Windows Safety Maintenance rogue
Windows Ultimate Security Patch rogue
– AVG Threat Research Group