A software glitch involving a leading computer security firm has given malware authors a new way to distribute their product.
An update for McAfee’s anti-virus products was found to be faulty this week. It caused security software installed on computers running Windows XP Service Pack 3 to generate a false alarm about a security problem involving non-existent malware. The computer would then respond by shutting down.
The glitch caused problems worldwide, affecting computer systems in businesses, government departments, and even hospitals. McAfee quickly issued a fix for the problem.
However, malware distributors seized on the scare to direct unwitting users to their infected pages. This was done through search engine optimisation, in which a user seeking information about the problem would get links to the malware sources at the top of their search results.
A user clicking on one of these “poisoned pages” would receive a fake virus alert and then be offered a download to fix the “problem”. This would just give the user more malware, possibly designed to steal important information.
Anyone using Windows XP SP3 with McAfee security software installed, should go here to get advice.