‘iPad’ Related Searches Lead to Fraudulent Websites
According to security researchers, the recently launched iPad (a Tablet PC from Apple) is already being used in hackers' attacks. These attacks are based on search result poisoning through the BlackHat 'Search Engine Optimization' technique.
The increase in search terms associated with the iPad on Bing and Google are apparently being utilized to launch SEO assaults. These assaults eventually place hackers' fraudulent websites among the top search engine results, state the Websense experts.
Thus, the researchers have identified a fake antivirus software which is consistently rising by impersonating websites. These websites present product information and news updates about the Apple Tablet PC. Victims are forced to buy a license to acquire the software for removing the so-called detected malicious programs, the researchers added.
Similar to Websense, Symantec has cautioned Web-surfers about existing and forthcoming attacks that could exploit people's interest in the fresh system from the Apple manufacturers. The firm cautioned that together with rogue antivirus and malware attacks, cyber criminals would try to cheat Web-surfers with bogus promotional and retail offers to get discounted or free iPads.
The security researchers said that the attacks started appearing in just a few hours of iPad launch. According to Candid Wueest (Symantec Researcher), the excitement surrounding Apple's iPad has been accumulating for months; therefore it is nothing unusual to find a massive surge of search traffic associated with certain keywords since the Tablet computer's announcement, as reported by V3 on January 29, 2010.
Giving details of the attack, Don Debolt, Director of Threat Research at CA, stated that its whole process was automated, as reported by CNet News on January 28, 2010. According to Debolt, the company found the attack as an extremely programmatic and systematic process. The attackers were utilizing software on search engines to determine the widely used search subjects. Thereafter, they inserted the details into hacked sites so that the compromised websites and malicious content were indexed by the search engine, Debolt enumerated.
Similar tactics have also abused other popular searches like the demise of Michael Jackson and the Haitian quake according to the researchers.
Related article: “Loopholes did not cause online banking thefts”: ICBC
» SPAMfighter News - 04-02-2010