Our alert analyst Adam found this one, although we don’t know why he was doing web searches for “Miss Universe 2010.” He clicked on one, expecting to see long legs. Instead, he saw this pop up:
VIPRE detects it as FraudTool.Win32.SecurityTool (v)
The really mangled English should have given that away – for native speakers, anyway.
Clicking “OK” lead to this rogue:
The rogue “Security Tool” has been around since last October. We posted it on the rogue blog here.