The news from the hacking and ransomware world has already become as fascinating as a first-class detective novel. And today we have some more interesting news.
The fake website of well known IT security firm Symanctec had appeared. Someone had created the almost exact copy of "Blog" section of original website. It looks almost 100% as original, besides two things: "Search" feature doesn't work and there is a fake article regarding CoinThief.
Original Symantec Blog
Take a good look at the screenshot above, and take even a better look on the left pic with girl in glasses.
Fake Symantec Blog
Now compare the left pic of the fake website with the original one. The text under says that "New Version of CoinThief Infects Mac Crypto Traders".
Fake article says that the malicious program is distributed using the zero-day vulnerability in browsers [0day is a term denoting unresolved vulnerabilities, as well as malicious programs against which protection mechanisms have not yet been developed].
It gives some fake recommendations, that can be very dangerous and gives a link to a suspected malware download. We strongly recommend you not to follow fake instruction. The original Symantec Blog is https://www.symantec.com/blogs/ It is also worth noting that fake website marked as "Secured" in the browser.