Google Trend Exploited to Rank Malicious Pages High on Search Results
Security company McAfee is alerting about malware distributors who are exploiting Google Trend, a utility that traces the search terms most commonly used on Google, so that their web pages earn a higher ranking.
McAfee's Avert Labs said that trends of several malware-infused pages have been artificially ranked high so that these pages appear as top hits with respect to many Google searches.
Craig Schmugar, Senior Threat Researcher at McAfee, said that the creators of malware are planting text and keywords onto the pages so that they get displayed on the results (web pages) for those phrases, as reported by Vnunet on February 27, 2009.
Schmugar added that in one maneuver, the malware distributors are erasing the content of those pages that naturally ranked high, making it slightly more convincing for the surfer when he gets the artificially ranked search results.
For instance, for someone who enters the keywords, "Obama Budget", would most likely get malicious pages with the same words in the search results. Other popular key terms that yield malicious results are "Gmail down" or "Gmail outage". Notably, a majority of the 100 common Google search phrases now leads to a malware site.
McAfee's security researchers also said that when a user clicks on any one of the malevolent links, he would be diverted to a page which would try to exploit IE vulnerability, with the link also delivering a Trojan horse, named FakeAlert. Subsequently, the site feigns to scan the user's computer, display pop-up warnings that inform of malware infection on the system and then instructs the user to buy software to remove that malware.
Meanwhile, the security specialists stated that launching malware attacks by exploiting Google Trends isn't new. During October 2008, security researchers cautioned that miscreants could exploit the system and that has now turned out to be true.
According to Schmugar, attackers exploiting Google Trends were being carried out for several days now, but earlier they were much smaller in scale.
He advised users to be careful when following search hits and do not click on links pointing to suspicious/unknown URLs.
Related article: Google Rectifies Gmail flaw in Three Days
» SPAMfighter News - 04-03-2009
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!