Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
Latest Comments
"I feel it with you guys. These irritating interruptions on privacy MUST be stopped. It is a ..."
on Yahoo and Microsoft take aim at lottery scams
by Jan Wilmans | Dec 2, 2008 7:11 PM
 
"My AVG WILL NOT UPDATE"
on AVG update deletes critical Windows file
by James Downs | Dec 2, 2008 5:58 AM
 
"Concerned man's comments seem to intimate that if I'm using agents all will be well but the ..."
on Shavlik Technologies to broaden its patch management offerings
by Werner K | Nov 26, 2008 8:36 PM
 
"That will enhance Microsoft Office system, including SharePoint - good platform for enterprise ..."
on Companies have security to consider with in-the-cloud Office
by SGE | Nov 25, 2008 3:29 PM
 
"how many users allow per session? because the digital persona password manager allows only 10 ..."
on DigitalPersona Pro Workstation/Pro Server
by Daniel | Nov 25, 2008 12:14 AM
Web

Search terms lead to compromised sites, Google cleans database

  • Email a Friend
  • Print Page
Search terms lead to compromised sites, Google cleans database
Related Articles
By Negar Salek
Nov 28, 2007 3:55 PM
Tags: "SEO" | "search | engine | opitimastion" | "search | terms | malware" | | "christmas | search | terms" | "web | threats"
According to a Trend Micro blog entry yesterday, Ivan Macalintal wrote, when he searched for “christmas gift shopping” in Google the search engine listed several .cn URLs that led to malicious sites.

He warned: “Searching for the above phrases can lead you to the malicious URLs. Clicking on these URLs then takes you to another site via a JavaScript, eventually leading to the download and execution of a malware.”

One site was titled ‘Christmas card with girl on phone! Shopping for christmas gift' with the URL Zxzgpxltkxt.cn/1278.htm.

Furthermore, Macalintal said the sites have an IFRAME that redirects users and installs malware.

“Expect more new ones [malicious sites] to come our way this Christmas,” he warned.

Adam Biviano premium services manager at Trend Micro said the malware can be dished up in any search engine.

“There’s no reason why [the threat] shouldn’t be on other sites,” he said.

Asked what page the dubious sites appear on, Biviano said he didn't have specifics but speculated the attackers could be using SEO techniques that a web designer would use to get a high search engine rankings.

“Websites don’t appear on search engines overnight. They may have uploaded these sites months ago and then added malware,” Biviano said.

On Wednesday afternoon, a Google Australia spokesperson said the searches are now clean and stated: "Sites that exploit browser security holes to install software (such as malware, spyware, viruses, adware, and trojan horses) are in violation of the Google quality guidelines, and may be removed from Google's index."

"Google takes the security of our users very seriously, especially when it comes to malware,” the spokesperson said.

In a blog post on SunbeltBLOG on November 26, Alex Eckelberry signalled the initial warning of this trend and said "a large amount of seeded search results which lead to malware sites in Google have been noticed."

Eckelberry warned: “Clicking on these links will expose the user to exploits which will infect a vulnerable system (in other words, a system that is not fully up-to-date with the latest patches)."

 
Ads by Google
Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Tripwire - Click here to win an iTouch
 
 
Vulnerabilities & Exploits Whitepapers
 
Popular Tags
barak barrage christmas during hit holiday homepage internet malware microsoft recession rogue rules russia security spam threats vendors virus web