In a reprise of an old trick -- leveraging celestial events -- cybercriminals are using search-engine optimization poisoning to attract victims to a rogue software site, Trend Micro researchers said Thursday.

When a user seaches for information on the recent solar eclipse, the results may contain links to scareware-hosting sites. The ruse is not the first to capitalize on heavenly events. For example, after a blood-red lunar eclipse in February 2008, hucksters tried to lure users into downloading malware onto their systems.

In a post on the TrendLabs Malware Blog, senior threat researcher Joey Costoya, who is credited with discovering the attack, described how the the latest scam works:

“When users query the phrase ‘solar eclipse 2009 in America' in popular search engines,” according to the post, “certain top ranking sites would redirect users to a malicious site under the domain name antispyware-scannerv3,” which is where the malware is hosted.

Wednesday's eclipse, with a trajectory over China and India, was the longest total solar eclipse of the 21st century.


Courtesy: Trend Micro