Malware authors jump on the PIFTS.EXE bandwagon

It looks like the bad guys are proving that once again they aren’t slow to leap on an opportunity.

With parts of the internet flustering over the Symantec / PIFTS.EXE debacle, hackers have set out to poison search engines in an attempt to cash in on unsuspecting computer users.

We’re seeing evidence that websites containing malware are showing up in search engine results when people hunt for more information about PIFTS.

Sophos’s WS1000 Web Appliance is already picking up some of these sites as Mal/BadRef-A, and preventing users from accessing them.

The Mal/BadRef-A script redirects to another malicious script (detected by Sophos as…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.


Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.