Google Discovers Virus compromising Web Searches on over 1m PCs
Google is cautioning 1m or more Web-surfers that malware has infected their PCs so as to hijack their search returns while attempting at frightening them into buying scareware i.e. fake security application. KrebsonSecurity published this on July 19, 2011.
Actually Google, while conducting a regular check up of one among its different data centers, saw that extraordinary traffic flowed out of PCs that apparently were contaminated with a virus.
Stated security engineer Damian Menscher from Google, the malicious program seemed to infiltrate computers through bogus anti-virus software. Unwary victims take down such software that subsequently exploits a Windows security flaw for snatching hold over the web searches. The Telegraph published this on July 21, 2011.
On further analysis, Menscher found the origin from where the traffic flowed. Initially he discovered that over 1m Microsoft Windows PCs were contaminated due to a malicious program that was created for gaining control over search results whenever end-users hunted on Google.com or any other prominent Internet search engine.
Moreover, the malicious program Google has spotted routes some specific queries on the Web via proxy servers that the malware perpetrators are controlling. Evidently, whenever users perform a search via the said proxies they get the security alert. Normally the proxies are used in a transparent manner for end-users.
As usual, the malicious program changes the content of end-users' hosts files. Such files are utilized for establishing a correspondence between domain names and Internet Protocol addresses thereby allowing checking domain names devoid of relying on any DNS server.
Wrote Menscher in a company blog that Google hoped if it adopted measures for informing end-users when their traffic flowed via the said proxies it could help them to make their AV applications up-to-date as also cleanse the existing infections. SmartHouse published this on July 21, 2011.
Besides, Google from time-to-time has been serving security alerts together with search returns for the benefit of users whose PCs get hijacked.
However, while security specialists applaud Google for issuing malware alerts, the cleansing part will be the real hard work as search hijackers typically prevent users from accessing websites providing anti-malware programs.
Related article: Google Rectifies Gmail flaw in Three Days
» SPAMfighter News - 30-07-2011