New Malware Sites Targeting Google Users

According to security investigators, a fresh online attack on users of Google is deceptively taking victims onto fake anti-virus websites by exploiting Google's page-ranking service.

Elaborating on this latest scam, the researchers stated that at first the online attackers would break into a website; however, rather than placing attack codes on that site, they place web-links leading to other sites like porn or fake pharma sites, so that the rank of the search engine result is boosted up. However the technique is being applied towards raising the ranks of malevolent websites, but it has an uncommon twist of targeting Google users.

Lee Graves, senior technical services engineer at eSoft, stated that the website rankings that are being raised on search engines are currently delivering malware via a complicated sequence of redirects; nevertheless, these redirects and malicious programs are only delivered when visitors access the websites via the Google search links. For, if the URL addresses of the malevolent websites are directly entered into the browser then no harmful pages are accrued. Securecomputing.net.au reported this on September 23, 2009.

To continue further, if any user clicks the web-links from among the Google search results, then he'd land on websites that utilize an ordinary Rogue anti-virus template to warn the user of so-called infection on his PC and that he must download certain security software that is actually a Trojan. Moreover, this Trojan bears a detection rate of merely 7% by anti-virus programs from Panda, Microsoft and NOD32.

Additionally, Graves said that the attackers were really employing a PageRank bomb, alternatively blackhat SEO attack technique. Further, a small number of particular keywords for search were being utilized while other keywords were being routinely added. Some keywords were hazardous and as fresh news emerged, the keywords also changed.

Ultimately, the researchers said that in case users clicked a hazardous search result, they would be diverted to a few places till at last they'd be brought onto a rogue anti-virus site with every sort of malicious feature.

Evidently, the attack so far has targeted only Google search engine, with little possibility that surfers on any other search engine have been similarly attacked.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 10/14/2009