
Tuesday, November 27, 2007

Search Google, Click to Massive Malware Attacks?

Tuesday, November 27, 2007 1:00 PM PST


A large-scale, coordinated campaign to steer users toward malware-spewing Web sites from search results is under way, security researchers said Tuesday.

Users searching Google with any of hundreds of legitimate phrases -- from the technical "how to cisco router vpn dial in" to the heart-tugging "how to teach a dog to play fetch" -- will see links near the top of the results lists that lead directly to malicious sites hosting a mountain of malware. "This is huge," said , 's CEO. "So far we've found 27 different domains, each with up to 1,499 [malicious] pages. That's 40,000 possible pages."

Those pages have had their Google ranking boosted by crooked tactics that include "comment spam" and "blog spam," where bots inundate the comment areas of sites with links or mass large numbers of them as fake blog posts. Attackers may be using bots to plug links into any Web form that requests a URL, added Sunbelt malware researcher .

There's no evidence that the criminals bought Google search keywords, however, nor that they've compromised legitimate sites. Instead, they've gamed Google's ranking system and registered their own sites.

"They get themselves on to Google, then redirect people to their malware pages," said Eckelberry. Most users wouldn't suspect anything's amiss with the rogue results, although the ultra-wary might be leery because many of the malicious URLs are just a jumble of characters, with 's .cn top-level domain at their ends.

Once shunted to a malware-hosting site, the user might face a fake codec installation dialog. If the user doesn't bite, the page's IFRAME will get him, said Thomas. "This is what's doing the most damage," he said. "It's loaded with every piece of malware you can think of, including bogus toolbars, rogue software and scareware."

One site that Seth Thomas encountered tried to install more than 25 separate pieces of malware, including numerous Trojan horses, a spam bot, a full-blown rootkit, and a pair of password stealers. All the malicious code pitched at users is well-known to security vendors, and can only exploit PCs that aren't up-to-date on their patches.

"I ran into one, and it hosed my VM [virtual machine]," said Eckelberry. "Completely hosed it."

While Eckelberry called the scam "impressive" in scope, Seth Thomas echoed his boss in describing the attack's magnitude. "It's like they've covered any possible search term you can think of," said Thomas. "There are tens of thousands of [malicious] pages out there."

Sunbelt's company blog sports screenshots of several Google search results lists, with malware-infecting sites identified, as well as images of the fake codec installation dialogs and the code of one of the malicious IFRAMEs.

Thursday, November 22, 2007

Biggest digital threats in 2008

When it comes to staying safe in cyberspace, the arrival of new technologies usually proves a double-edged sword. Advanced software, Web sites, and devices draw attention because they make communicating easier, accomplishing tasks faster, or being online more entertaining. But hackers generally follow to exploit the latest mass market. That’s why computer security researchers say some of our newest technical fascinations -- iPhones, social networks, and Internet phone services, to name a few -- could present tempting targets in 2008. Sure, sellers of security technology have a financial stake in fanning computer users’ fears, but it’s useful to know where the bad guys might strike.

Wayward Web sites

The new generation of sites generally referred to as Web 2.0 act more like traditional PC software: The sites are fast, responsive, and speed up page loading. That means browsers are working harder than ever to pull the data that keeps sites current. Couple that with market imperatives to keep pushing out new features to users, and the emerging Web could prove a dangerous brew of software flaws that’s ripe for hackers to exploit.

A target in your pocket

Sophisticated cell phones that feature lots of storage, Wi-Fi networking, and souped-up computing capacity offer lots of people the chance to use them as imitation PCs. But all that data zapping forth from smart phones means cybercriminals are sniffing around for ways to get into them. Phones with software from Symbian and Microsoft have already been attacked, and security researchers have demonstrated ways to hack into Apple’s iPhone. Google’s newly announced Android mobile-phone software could be next.

Hackers go pro

In the past few years, hackers have banded together and worked with organized crime to harvest the most valuable information exposed on the Internet. Next year could witness an even more complete merger between the computer and criminal undergrounds. Developers for hire and professional hacking kits are available through online markets. And criminals are on the lookout for intellectual property that resides on companies’ servers. In 2005 and 2006, hackers stole as many as 94 million credit- and debit-card numbers from the computers of retailer TJ Maxx. More efficient groups could make break-ins like that even more prevalent.

Hello, want some Viagra?

At first, spammers typed their seedy solicitations into e-mail messages, then displayed them as harder-to-detect graphics. Next came attachments of PDF and Word documents. Now, researchers say, junk-mail purveyors are attaching MP3 files to their letters so users who open them get audio messages about penny stocks, for example. More chatty spam is probably on the way, and it’s likely only a matter of time before video spam invades in-boxes too.