1. Ransomware installations

In the last week we’ve seen some new screens presented by Blackhole exploit kit installations. The first exploit claims that the Windows installation “has been blocked” and demands a payment of 50 Euros (about US $66) by untraceable UKash or Paysafe checks.



And another, allegedly from Scotland Yard, similarly claims the victim’s machine has been locked because it’s been used to view pornography. Payment is demanded by untraceable UKash.




2.  Facebook Scam of the Week: “Oops!!! There was a hidden camera in Bieber’s bedroom.”

This week’s top Facebook scam uses Justin Bieber’s name to lure users into a never- ending spiral of surveys promising fake prizes. The real point is to get users to share personal info they would normally never share with strangers.



After a user shares a link to the Facebook scam they are promised to see a video from a hidden camera in Justin Bieber’s bedroom.



But after sharing the link to their wall they are then told they must fill out surveys.



This is how the scammers make their money. The more people that fill out the surveys with real information the more money they make.



In the end you never get to see a video because it does not exist.

At the bottom of the scam page you will see many of the victims posting comments that they shared the video but are still unable to see the video. So they fell for the scam but still haven’t realized it yet. If you have friends like this perhaps its time to clean up your friends list.



3. The official DivX codec “labs” sub-site, which is used for making betas available to the public, is hosting fake pharma ads.




These pages are simply injected into their forum.

We detect the actual pharmacy spam site these ads redirect to.



Search engine results to the pages are loaded with “no prescription” notifications:




– AVG Threat Research Group