
June 2, 2008

Saudi Arabian Government Website Falling Victim to Antivirus 2008 (ANTIVIRUS-SCANONLINE.COM) Exploitation

Filed under: Internet security — Administrator @ 1:01 pm






TOKYO (MacHouse) - The cyber scum organization behind the Windows-based malware title called Antivirus 2008 has exploited several new websites. One of the victimized websites is run by the Saudi Arabian government's investment authority, the Saudi Arabian General Investment Authority (SAGIA). (Screenshot 01 shows its English index page.) According to its About Us page, SAGIA was founded by the Saudi Arabian government in April 2000. (See Screenshot 02.)

This Saudi Arabian investment authority website has been exploited and is now used as a redirection point to the fake anti-virus scan website at the domain antivirus-scanonline.com. As you probably know already, this fake anti-virus scan website has been set up to distribute a computer virus known as Troj/FakeVir-BF.





Screenshot 01 - Source: www.sagia.gov.sa
Screenshot 02 - Source: www.sagia.gov.sa






The cyber scum group behind Antivirus 2008 has exploited SAGIA's website and installed malicious code and files that redirect Internet users to the fake anti-virus scan website hosted at the domain antivirus-scanonline.com. For example, if you access the link shown here, you will see spam content titled "·$· BABY ·$· Save at least 10 %" for a 1/2 second or longer. (See Screenshot 03.) If you don't close the page, you will eventually be redirected to the fake anti-virus scan website hosted at the domain antivirus-scanonline.com. (See Screenshots 04-05.)





Screenshot 03 - Source: www.sagia.gov.sa
Screenshot 04 - Source: www.sagia.gov.sa
Screenshot 05 - Source: www.sagia.gov.sa
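
A site owner's check for the behaviour described above, as an added example that is not from the original post: it scans a page's HTML for a timed meta refresh or a simple script redirect whose target is a host other than the site's own. The post does not say which redirect mechanism was injected, so both patterns are assumptions, and the URLs and sample pages are constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Simple script redirects: location = "...", location.href = "...", location.replace("...")
JS_REDIRECT = re.compile(
    r"""location(?:\.href)?\s*=\s*["']([^"']+)["']|location\.(?:replace|assign)\(\s*["']([^"']+)""",
    re.I)
# Meta refresh content such as: 0.5; url=http://host/path
META_REFRESH = re.compile(r"\s*(\d+(?:\.\d+)?)\s*[;,]\s*(?:url\s*=)?\s*['\"]?([^'\"]+)", re.I)

class RedirectFinder(HTMLParser):
    """Collects (kind, delay_seconds, absolute_target_url) for redirects in one page."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url, self.found, self.in_script = page_url, [], False

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "script":
            self.in_script = True
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            m = META_REFRESH.match(a.get("content", ""))
            if m:  # a bare delay with no URL only reloads the same page
                target = urljoin(self.page_url, m.group(2).strip())
                self.found.append(("meta-refresh", float(m.group(1)), target))

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if self.in_script:  # the delay of a script redirect is not parsed, so it is None
            for m in JS_REDIRECT.finditer(data):
                target = urljoin(self.page_url, m.group(1) or m.group(2))
                self.found.append(("script", None, target))

def offsite_redirects(page_url, html):
    """Return redirects that leave the page's own host (subdomains count as on-site)."""
    own = urlparse(page_url).hostname.lower()
    finder = RedirectFinder(page_url)
    finder.feed(html)
    finder.close()
    def offsite(url):
        host = (urlparse(url).hostname or "").lower()
        return host != own and not host.endswith("." + own)
    return [r for r in finder.found if offsite(r[2])]

# Constructed sample: a planted spam page that hands visitors to another host after 0.5 s.
PAGE = "http://www.site.example/promo/index.html"
PLANTED = '<head><meta http-equiv="refresh" content="0.5; url=http://fake-scan.example/scan"></head>'
```

Run it over every HTML file under the web root after a clean-up; any hit whose target you did not put there yourself points at a file that was missed.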











********** ********** ********** ********** ********** ********** ********** **********

MacHouse is not funded by taxpayers' money. We have limited resources. We also need time to sleep and eat just as others do. So we will not act as the international police to contact all victims of website abuse. All you have to do is to subscribe to spam messages and spam posts. If we can, why don't you?






