I’m a very big fan of Google Groups, however lately Google Groups has been overrun with posts containing links to malware downloads. So far google has done nothing about this and it’s really too bad.
The malware that’s being distributed is usually the Zlob Trojan. The screen shots below were taken just a few minutes ago while searching for “symantec download”.
On page 3 of the results we see a link with Symantec download bolded (grabbing an unsuspecting users attention)
Upon clicking the hyperlink we are brought into the post. Inside the posts are 2 huge hyperlinks going to http://downloadbf dot com/best
Once one of the links are clicked a download immediately starts. The download…setup.exe…a zlob Trojan (props to AVG for detecting and removing Zlob.WMH).