Poisoned Easter-related Search Queries Lead to Malicious Sites

According to Parveen Vashishtha, Security Researcher at Symantec, as the Easter vacation is about to start on April 12, 2009, cyber crooks have already begun corrupting queries put to search engines so that users could be directed to Internet sites that serve malicious software, as reported by SCMagazine on March 30, 2009.

Moreover, different search terms pertaining to Easter have been corrupted so that web links connecting to fake websites appear among the search results. Some terms in the corrupt form are Popular Easter Bible verse, Easter verse, Easter verses poems, Easter greeting card verses etc.

In addition, miscreants are employing various tricks like 'referrer checking' that help to elude computer security systems, said Symantec. Users directly visiting the fake domains among the search results would come across web pages containing numerous Easter related links and keywords. These links and keywords are used to push up the search ranking of those pages. If followed, these web links could lead surfers to hazardous situations.

Vashishtha also says that the malevolent script diverts surfers to an Internet site that shows a bogus antivirus scan as well as serves a fake application.

Further, a number of these rogue domains are currently diverting users to wikipedia.org, said Vashishtha. But this implies that the crooks would alter the redirection so that users could be led to malicious websites sometime later.

Besides this, the criminals by displaying "no-cache, no-store" within their HTTP captions are preventing these malevolent pages from being cached or stored.

Security researchers state that exploiting the 'search engine optimization' technique with the use of corrupt keywords isn't something new. In truth, miscreants have been manipulating widely used search terms of the Internet for past many months so that their fake websites are raised on the search result listings. Also, the exploitation of human inquisitiveness about upcoming events is not uncommon.

Hence, online surfers are suggested to maintain extra vigilance while doing any web-search with Easter-related keywords.

In a similar news, hackers recently targeted "March Madness" basketball championship as they excessively used search terms pertaining to the event and connected the same to malware sites.

» SPAMfighter News - 4/8/2009