Our good friends at F-Secure AV company have blogged about a new and significant malcode-delivery technique: publishing a web page with a .pdf file on it then changing the .pdf link to something malicious after search engines index the page.
What they found delivered a rogue security product (but of course.)
Nice work F-Secure.
FSecure blog piece here.
Yes, it’s one more creepy thing on the Internet, as if we need any more. The lesson for us all:
— be aware that it is possible,
— keep alert for the mechanism
— keep your AV protection running and updated. (Shameless plug: VIPRE version 4.0 came out this week. Check it out here. )
Tom Kelchner