Google Results Connect to Numerous Malicious Sites
Search results on Google are diverting large-scale user traffic to malicious Websites under a well-coordinated campaign, said security researchers on November 27, 2007, as per PC World.
Users entering search requests on Google for any number of fairly deduced phrases ranging from the more technical like "skill to learn cisco router vpn dial in" to something more thrilling like "how to make a dog learn to fetch" will find hits at the start of the list of results that would take them to malware-spewed Websites.
On November 26, 2007, a report from Sunbelt said that it noticed a large number of search results produced that direct to malware-hosted sites. ZDNet published this on November 27, 2007.
On November 27, 2007, Researcher Adam Thomas at Sunbelt released another post. He wrote that Sunbelt Software had discovered innumerable individual Web pages that were meticulously crafted to obtain top rankings on the search engine hits.
Those papers boosted their Google positions with dishonest tactics like 'blog spam' and 'comment spam' where overwhelming links flooded the sites in their comment areas.
Attackers possibly are using bot-infected PCs to embed links onto any Web structure that seeks to find a URL, Researcher of Sunbelt malware, Adam Thomas, further wrote, as published by ZDNet on November 27, 2007.
The number is huge with 27 unique domains, each hosting about 1,499 malware pages counting to a total of 40,000, said Sunbelt Software's Chief Executive Alex Eckelberry. PC World published the news on November 27, 2007.
No clues, however, exist that suggest that the miscreants paid to acquire keywords for Google search. It also doesn't seem that they have hijacked legitimate sites. What seems plausible is that they have manipulated Google's ranking pattern to register with it malicious sites of their own.
Once they are on Google, they divert surfers towards their malicious pages, Alex Eckelberry said. While most users might not notice the misses on the bogus results, the highly wary ones might suspect the tricky URLs because they are simply a random group of characters, mostly showing China's .cn, a popular domain type on their addresses.
Related article: Google Rectifies Gmail flaw in Three Days
» SPAMfighter News - 11-12-2007