Concerned about recent PAN-OS and other firewall/VPN CVEs? Take advantage of Zscaler’s special offer today

Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Security Research

New Fake AV Pages

June 04, 2010 - 1 min read

There have been a number of changes in the world of Search Engine Optimization (SEO) poisoning attacks. I reported yesterday that there we're seeing ever more dangerous exploits using Flash and Java.We're now also finding new types of fake AV pages. While these pages are visually similar to the previous fake AV pages, the source code is very different. The Javascript code is more compact and is included inline with the HTML page.

New fake AV page

Most of these new fake AV pages are hosted on The spam SEO urls look different and are harder to spot because they now look like regular URLs for static HTML pages. The malicious executable associated with the attack is currently detected by 10 antivirus vendors of 40.

Interestingly, some of the hacked sites that were used to redirect users from Google to Java/Flash exploits are now used to redirect to this new fake AV page.

-- Julien
form submtited
Thank you for reading

Was this post useful?

dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.