Cybercriminal malware methodology highlighted with celebrity arrest

Fernanda Romero was arrested this week for marriage fraud amid allegations. Panda Labs says that cybercriminals quickly followed up on the arrest with a raft of spam and malware-infected websites that lured Spanish speakers in on the promise of information about the arrest.

According to Spanish-speaking newswires, Ms Romero is alleged to have paid an American man to help her become a US citizen. And, says Panda Labs, the research arm of Panda Security, whether this is true or not, the bad guys have taken advantage of this and started spreading the rogueware SecurityMasterAV.

If users follow the links of any of the malicious search results online, they end up being redirected to websites like www1.check <blocked>.co.cc or www1.cover<blocked>.co.cc from which a file called PACKUPDATE107_195.EXE is downloaded - and which is detected as Adware/SecurityMasterAV.

According to Panda, the websites displayed have nothing to do with the search carried out. Instead of it, an image that seems to be `My Computer' is displayed with an alert message of infection after having scanned the system.

What's interesting about Panda's research into the spam and malwarefest that has resulted following Ms Romero's arrest is that it highlights the significant uptake in internet usage in South America and other Spanish-speaking countries/regions, Infosecurity notes.

According to Internet World Stats, South America now boasts an internet penetration percentile of 36.5%, but the real statistic is the fact that 2000/2009 penetration growth in the region has soared by an incredible 901.3%.

What’s hot on Infosecurity Magazine?