Chinese Actors Copy and Paste HackingTeam Zero-Days in Site Hack

Keygen Capers and Suurgle Surveys

While searching for potentially bogus key generators (or keygens) for our Malwarebytes products, we encountered a supposed tool for Kaspersky Anti-Virus. The URL is below:

kasperskykeygen[DOT]org

We firmly discourage anyone with a curious or rebellious streak to visit this site, because not only does it redirect visitors to random destination sites, sometimes based on their IP, it may redirect them to places they don’t want to visit. At all.

From the time we spotted and kept our eyes on the .org site, we’ve seen it resolve to destinations that are sometimes legitimate (such as random pages from Kaspersky’s websites), sometimes questionable (such as a site offering the chance for you, dear Reader, to become a millionaire), and sometimes outright hilarious or scammy.

In this post, we’re going to touch on the hilarious and scammy.

One of the resolved site is something called Suurgle, a survey site purportedly by Google. The term, we reckon, is a portmanteau of the words “survey” and “Google”.

The Suurgle Page

click to enlarge

Suurgle Annual Google.com Visitor Survey

We would like to improve the services that we offer to Google users by asking you to complete a short survey. In return, you can enter an exclusive prize draw to win an iPhone 6 and iPad Air 2.

Please take the time to complete, it will take less than 60 seconds.

[ Start Survey Now ]

Just to sample what the questions and answers look like, below is a screenshot of the first question of the survey:

suurgle-sample-query

click to enlarge

At the end of the survey, users are presented with a page where they can click links to claim the promised products; however, clicking any of the links lead to an error page. No surprise there.

Google’s Product Forums actually reference a decent collection of similar scams as the above. If you find yourself confused as to whether what you’re seeing is real or not, go here and report it.

Someone in there will be available to answer your queries; however, more often than not, Google wouldn’t conduct a survey that is housed outside its domain.

Another scammy destination from the .org site above is this fake BBC news page, which sports the catchy headline “British Citizens Found a Loophole to get the New iPhone 6 for only £1”:

Fake BBC News Page (full)

click to enlarge

Below is a snippet of the fake article:

If you live in the UK and want the brand new iPhone 6, then this may be the most exciting article you'll ever read.

Here's the deal: Apple Inc (NASDAQ: AAPL) is giving away brand new 64 GB iPhone 6's to UK citizens for only £1. Yes you read that right - 1 pound.

As part of a special promotion, Apple is working with its trusted distributing partner, RockyFroggy for giving away iPhone 6's that cost 99% off regular retail price.

Why are they offering this crazy promotion? Director of Marketing, Joel Branson explains, "Last year, Apple's UK market share dropped to 35% and is losing to Google's Android worldwide. Apple can recapture British users by giving away extremely low-priced iPhones to people and converting them into repeating Apple customers who will spread the word to their friends."

Note that this page is peppered with links to the aforementioned partner, which we later on found out has questionable reputation:

iphone6-scam

click to enlarge

The same bogus BBC page is also mentioned in relation to the current buzz around Megaupload redirects.

Keygens are normally fake or malicious, and we advise users to steer clear—and absolutely no suurgling.

Jovi Umawing (Thanks to Steven again for finding this)

ABOUT THE AUTHOR

Jovi Umawing

Knows a bit about everything and a lot about several somethings. Writes about those somethings, usually in long-form.