Link Farms Injecting Malware in Search Engine Results
According to Team Leader malware Researcher, Chris Larsen at Blue Coat System, similar to the malicious code inserted into the database by SQL attacks, likewise link farms "injects" malware into results of a search engine. And the trouble is not diminishing, said Larsen while addressing at a RSA conference held in San Francisco recently, as reported by the website esecurityplanet on February 29, 2012.
Larsen held the view that infecting search engine result is quite easy and at the same time, quite difficult for search engine operators also.
While speaking about the recent malware inception, Larsen also denoted that if the crooks have some plans to victimize the naïve, higher officials also have enough security measures to befall them. In the summer and winter reports of 2011, Blue Coats already tracked 40% of such attack emissions and it anticipates more in the future.
Search engine are poisoning and targeting lead searchers or scam destinations. Initially, Black Hat technique forms link farms and fills the sites thousand of malware encrypted links and fake pages. Then, they utilize bots to infect the web with malware-infected links to the false sites by making all kind of crap comments on blogs and even in the forums. While discussing about all such facts, Larsen also showed a screen that was sought from a forum discussion containing computer-generated usernames in which people were responding each other with the links attached with them.
However, the most important question that arises is what makes search engine poisoning so fast??
One reason is that malicious sites can select what search engine sees when it indexes the sites. When the search engine crawls the sites, it serves up only benign content. malware can be served even when the visitor visits the sites after some time.
It's not malicious when they inject it into search engine instead its malicious when one visit it, claimed Larsen.
A method used to get a high rating in a search is to form a site with little legal competition. Holidays themes are famous in this regard. These crooks are enabled to set up a site for countries celebrating Halloween festival for instance, while still establish an optimum ranking with search engine as they visit the web. In October, when users commenced searching for a specific topic like Haloween say in this case, the malicious website can show such results in the top itself for it serves such malicious code.
Related article: Long URLs Cause Security Flaw in Opera Browser
» SPAMfighter News - 12-03-2012