Search for “Free Printable” May Result in Malware

Security experts at Trend Micro warned that people using the search term 'free printable' should be careful of the sites infected with malware. The company has found a cybercriminal crusade based on SEO (search engine optimization) methods to compromise the search results for items like gift certificates or printable discount vouchers.

Technical Communications Associate at Trend Micro, JM Hipolito, claimed that their researchers have discovered that search engine inquiries using the string yielded results included already compromised sites, as per the news published by Webuser on January 26, 2010.

The reported hacked websites are manipulated with JavaScript malware identified as JS_REDIRECT.SMF and JS_REDIRCT.MAC. Both these malware started a set of redirections whenever user access hacked websites.

Subsequent analysis indicated that these redirector websites result in a fake search engine page. This page is found to be localized based on users' IP address.

Commenting on the ultimate goal of the assault, the security experts informed that the owners of websites usually pay referrers so as to draw higher traffic towards their website. Hackers, in this particular attack, make it look as if their fake search engine pointed to some website, in place of the actual search engine that the user has been using. Thus, website owners pay hackers for the essentially unlawful referral.

In the past, this assault was seen directing users to install variants of FAKEAV, popular as rogue anti-virus software. It is learnt that FAKEAV malware are scareware lodging forged infection indications on a system to deceive a user into entering credit card details to make payment for "full version" of bogus software.

Besides mistakenly helping attackers to gain from affiliate scheme, the researchers stated that the users are exposed to the threat of facing other harmful risks as long as the redirectors are controlled by hackers. Redirectors can be easily made to point to new portals or websites hosting malware which can compromise users' PC.

Therefore, the netizens are strongly recommended to avoid using search strings that include 'free printable'. Further, users should download security software from a reputed service, which can rate as well as obstruct access to harmful domains and particular URLs.

Related article: Surge in Spam attack

» SPAMfighter News - 2/3/2010