Image Search Results Associated with Obama’s Birth Certificate Infected

The President of the USA, Barack Obama, lately released his birth certificate clear the controversy over his place of birth. However, this news of the public display of Obama's birth certificate resulted in several Google Image searches for "Obama birth certificate", which in turn, offered a golden opportunity to the cybercrooks to make money from this hot and trendy topic, as reported by SOFTPEDIA on April 28, 2011.

Security experts at GFI software cautions that links directing netizens to drive-by download attacks have placed themselves on the first page of the results returned for the above stated keywords.

The malware ridden web pages install an exploit for a popular Java flaw. If installed properly, the attack leads to the deployment of a scareware application namely "Security Shield" on the victim's machines.

Researchers notified about the infected search results on Google image search on April 19, 2011. The search results were still infected with malware till April 29, 2011. Cybercriminals are exploiting trendy topics or themes that are presently quite popular. For instance, the royal wedding of Britain's Prince William and Kate Middletown and the White House revealing President Obama's birth certificate.

Remarkably, besides GFI Software, Websense Security Labs Threatseeker network identified similar attacks and discovered that a Google Image search displayed malicious images, which would lead netizens to web pages running Neosploit malware kit.

Commenting on the matter, Xue Yang, a researcher at the security firm Websense, stated that, the attack websites had been customized as sometimes it directs users to Neosploit, and the other times it directs users to a bogus antivirus website, as reported by eWEEK on April 30, 2011.

Yang further added that, in case of Neosploit kit, the attack website installs a payload customized for the user's operating system, web browser, and uploaded software. In one instance, the attack website installed a PDF file targeting 3 Adobe Reader flaws and was not noticeable by various key antivirus scanners.

Conclusively, users or netizens should be completely aware of the malicious links and always remain vigilant. When searching for anything on the Internet, rather than clicking automatically on the prime result, they should check the URL looks like try to find out its genuineness. Users should always download stuff from well known and reliable websites.

Related article: Image Spam Set to Hit Worldwide PCs Back

» SPAMfighter News - 5/5/2011