New Attack with Malware from Google BlogA blog hosted on Google is reported to be running counterfeit security content which is connected to a malicious code. It is also using Google's auto-notification function to lure subscribers to click a malware-infected link, said Director of Product Management, Ofer Elzam at Aladdin's eSafe unit. Networkworld published this in news on January 31, 2008. The blog named as "Brittany" tricks readers searching for information about authentic security products by copying content from security vendors Trend Micro, Symantec and Aladdin Knowledge Systems. The exploit was first spotted when Elzam received an e-mail alert from Google regarding Aladdin. But Elzam thought it appeared odd. Elzam said that the alert was related to an award of 2005, but the quote was slightly changed from that year to 2008. Also, there were more entries such as those relating to Trend Micro and Symantec, Elzam said. Any user who clicked the links inside the e-mail alert from Google, or those in the Google blog containing security information from phony vendors, found themselves taken to a pornographic site containing an attack code, which tried to install malware onto the user's system. According to Google (about the usage with respect to its blog), it is not obliged to be on guard, noting that its blog sites could contain harmful, offensive, incorrect, or inappropriate material. Google's usage policy says that it does not keep watch on the contents of Blogspot.com and Blogger.com, and is neither responsible for any such material. Instead, it merely makes access to this material possible as a utility for its users. Elzam also doubts if malicious blog contents are stolen material from high-tech companies within the industry, or are based on manipulated brands, to try to dupe users into loading malware. Vice President of Marketing, Tom Gillis, at Cisco's IronPort unit, too said that he was aware of the growing practice of fake blog postings intended to spread malicious code although he didn't come across any similar attack on Cisco. Gillis said that the creation of bogus blog contents is increasingly becoming a part of modern sophisticated attacks. NetworkWorld published this in news on January 31, 2008. Related article: New Zealand Releases Code To Reduce Spam ยป SPAMfighter News - 2/8/2008 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
