Criminal Attempts to Block Indexing of Hacked Sites

Cybercriminals are not leaving any stone unturned to conceal malware in already compromised websites from Google and Yahoo!, as per the news published by The H Security on April 26, 2010. Their aim is now to stop browsers using technology such as Safe Browsing API of Google from raising the alert when a hacked website is visited by a user.

According to security experts, Google's Safe Browsing API facilitates applications of users to query Google's malware and phishing blacklist. It is noteworthy that both Google Chrome and Firefox use API that is based on Google searches for suspicious code containing websites.

Brian Krebs, former Washington Post reporter and security expert, revealed that both Google and Yahoo! have automated programs crawling millions of websites per week in hunt of malicious code hosting sites, as per the news published by KrebsonSecurity on April 23, 2010.

Krebs further said that on discovering such websites, search providers generally attach a caution to the listing of compromised website in search results. This way a prospective visitor is warned that the website could contain malware. As a result of these warnings, very few people visit hacked sites. These warnings also caution the owners of a listed website of a malware problem that requires immediate attention.

However, cyber crooks are very fast-forward and are infusing malicious code in the sites hacked by them and are distributing malware to every single visitor to that site while evading the automated anti-malware bots placed by the leading search providers.

According to the reports, a Russian researcher Denis Sinegubko has recently found at least two malware embedded in blogs that are able to modify the host website to conceal malicious links from Google's search bots, as per the news published by KrebsonSecurity on April 23, 2010.

Security experts said that to deliver such type of browser-specific content is not a new concept. However, earlier this technique was meant to be used by developers to serve different codes to Firefox and Internet Explorer due to different functions. Brian Krebs quoted even Google confirming that these tricks are being used by criminals. As per the reports, Google is positioning measures to combat these malicious tricks, though it is refusing to release details in this context.

Related article: Criminals Hack With More Evil Tactics

» SPAMfighter News - 5/5/2010