Recently, we’ve come across a number of legitimate sites that have been hacked to redirect to various rogue anti-malware “scan” sites (including Antivirus2009).
The hack involves a twist. Visiting the sites directly (i.e. via a bookmark or manually entering the address) results in no redirect and, often, no signs of the hack. The malicious redirect only occurs when a user arrives at the site via search engine results.
This clever tactic serves to effectively delay any fixes. Site owners’ visiting their site directly won’t see any evidence of the redirect. But since many sites receive a majority of their traffic from search engines, that large majority of users will keep getting redirected to the malicious site.
The root cause of many of these hacks is › Continue reading