Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Google searches gateway to Malware

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » The DU Lounge Donate to DU
 
swag Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 10:16 AM
Original message
Google searches gateway to Malware
This probably pertains to other search engines as well, but the problem has really hit critical mass this week. One of my users has totally fucked up his system this week, and I'm hearing a lot of reports of similar happenings from the hinterlands.

Search Google, Click to Massive Malware Attacks?

Tuesday, November 27, 2007 1:00 PM PST
A large-scale, coordinated campaign to steer users toward malware-spewing Web sites from Google search results is under way, security researchers said Tuesday.

Users searching Google with any of hundreds of legitimate phrases -- from the technical "how to cisco router vpn dial in" to the heart-tugging "how to teach a dog to play fetch" -- will see links near the top of the results listings that lead directly to malicious sites hosting a mountain of malware. "This is huge," said Alex Eckelberry, Sunbelt Software's CEO. "So far we've found 27 different domains, each with up to 1,499 pages. That's 40,000 possible pages."

Those pages have had their Google ranking boosted by crooked tactics that include "comment spam" and "blog spam," where bots inundate the comment areas of sites with links or mass large numbers of them as bogus blog posts. Attackers may be using bots to plug links into any Web form that requests a URL, added Sunbelt malware researcher Adam Thomas.

There's no evidence that the criminals bought Google search keywords, however, nor that they've compromised legitimate sites. Instead, they've gamed Google's ranking system and registered their own sites.

"They get themselves on to Google, then redirect people to their malware pages," said Eckelberry. Most users wouldn't suspect anything's amiss with the rogue results, although the ultra-wary might be suspicious because many of the malicious URLs are just a jumble of characters, with China's .cn top-level domain at their ends.

. . .

Feel free to repost to LBN or GD. Me, I'm just lounging today.
Printer Friendly | Permalink |  | Top

Home » Discuss » The DU Lounge Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC