Hackers Use SEO Technique to Promote Fake Security Programs

AVG Technologies, which has recently examined a fake anti-spyware scam, observed that within 24-hrs of news about a particular incident, cyber criminals had managed to get their malevolent web-links among the first five positions of Google search results. This finding indicates to the challenges faced by search engines like Google, Microsoft Bing and Yahoo.

Although manipulating results on search engines for getting Web-surfers to go to malicious sites isn't new, the analysis by AVG Technologies indicates that the tactic can prove extremely successful.

The fake anti-spyware campaign analyzed by AVG tried to capitalize on people's curiosity about the earthquake struck Samoa during the end week of September 2009.

In a personal blog post, Roger Thompson, Chief Research Officer at AVG, wrote that he received the initial e-mails reporting the Samoan earthquake on September 29, 2009, around 4pm EST. Next day at around 7pm, Google search of the earthquake produced fake spyware results. These fake spyware results comprised 5-6 among the top 10 hits on the Google search-page, and they were much higher in rank compared to the 'The Guardian' and 'CNN' results for the "Samoan Tsunami" search, as reported by AVG BLOGS on October 6, 2009.

However, if anyone followed the malicious links as described above, he was taken to an Internet site, which attempted to trick him into downloading rogue anti-malware software.

Moreover, the search-engine poisoning happens, not just occasionally, but as often as 2-3 times every seven days, whenever a significant event becomes a news item that the bad guys exploit.

While Google cleans off these poisoned results from its indexes, they invariably return elsewhere very soon.

Such manipulation of search engines like Google and Yahoo isn't new. During March 2009, McAfee discovered that online miscreants manipulated the ranking of Democrats.org on Google search page so that their own damaging web-links had more chances of appearing among the hits. Evidently, this was accomplished as hackers made a huge number of bogus posts containing malevolent links on the website for several weeks.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 10/22/2009