14 DAY TRIAL // Security researchers warn that an on-going black hat search engine optimization (BHSEO) campaign is poisoning the search results for Twilight's newly released sequel called New Moon. The rogue websites have the purpose of distributing fake antivirus software, also known as scareware or rogueware.
Twilight is a romantic vampire movie based on Stephenie Meyer’s novel with the same name. It was released in 2008 and enjoyed economic success with ticket sales being estimated at over $380 million worldwide.
The movie's sequel, entitled "The Twilight Saga: New Moon," is based on Stephenie Meyer’s second book in the series and is scheduled to be released today. Understandably, this event has attracted a great interest from Twilight fans who are feverishly searching the Internet for information about tickets, show times, reviews and so on.
Security researchers from Trend Micro warn that keywords such as "New Moon premiere live stream," which might appeal to those looking for ways to see the movie without paying, have been particularly targeted. "These results redirect users to fake online scanners, which ultimately lead to the download of a FAKEAV variant detected by Trend Micro as TROJ_FAKEAV.MET. Upon execution, TROJ_FAKEAV.MET drops malicious files and displays fake warning messages. These messages urge users to avail of a bogus antivirus product, Security Tool," Erika Mendoza, threat response engineer with the company, explains.
Meanwhile, malware analysts from PC Tools, a security company now owned by Symantec, reports about a similar scheme that hijacks search results for Stephenie Meyer. "Fans searching for more information about her and the movie will come across a site promising an online interview. Instead, it's a 'Vampire Byte' to suck out your financial information and install malware on your computer," the company advises.
"New Moon" is certainly not the first movie whose premiere is leveraged by cybercriminals through BHSEO. Back in June, we presented similar campaigns targeting the launch of "Harry Potter and the Half Blood Prince." Security experts warn that this is likely only the beginning and that more Twilight-centered scams will surface in the upcoming weeks as the movie starts making its debut across the globe.