Rumors that said that on the next May 21st 2011 will be the end of the world indeed have become wide spread, and this news has become very popular since a few days ago, and the cyber criminal are also already aware of it.
When I do a search images on Google using keyword “end of the world may 21st”, it turns out there is already a dangerous image that leads to a malware site. And that site using keyword stuffing technique to increase the SERP (Search Engine Results Page) ranking.
When a user clicks on the malicious image, the browser will display the images in thumbnail, but then the browser will also run a malicious script, redirect user to the other malicious site and tries to run and exploit Java Runtime Environment vulnerability, to install malware to the victim’s machine.
In case the malware fails to be active, the user is also faced with a download window to download the PDF file. Once user executes this malicious PDF, it will try to exploit Adobe Reader vulnerability, to download files from the Internet and launch the malware, which actually a rogue application or FakeAV known as Win 7 Security 2011 or XP Home Security 2011, the same malware that occurs in “The Royal Wedding” scam.
As typical of fake antivirus, once installed, the rogue application will start a scan automatically, besides that it also displays many fake warning messages saying that your computer is infected with malware or your computer is under attack.