- How to make new stuff from your piles of obsolete tech
- Why your computer sucks
- 10 recession-proof IT skills
- Juniper execs share network vision
- 9-year-old plots his fifth Microsoft certification
If last November you googled one of thousands of innocuous and common search terms, such as "Microsoft excel to access" or "how to teach your dogs to fetch," you were in line for an Internet attack that infects PCs with spam senders, password stealers, and other kinds of nasty malware.
Beginning on November 24 and continuing for less than a week, bad guys loaded up more than 40,000 Web pages with malicious software and thousands of common search terms. They then employed an automated network of malware-infected computers - known as a botnet - to link to those sites in blog-comment spam and other places. The mentions elevated the position of the poisoned sites in search results, often to the first page.
Click Here for Free Attack
The malicious sites had no useful information. Instead, a simple click on a link to such a site in the search results was enough to launch attacks against your PC. If the attack found any of a number of vulnerabilities in a range of programs, it would load.
"This was a massive wave," says Alex Eckelberry, president and CEO of security firm Sunbelt Software.
The attack marks a new level of sophistication, using multiple techniques to raise site visibility in search results and deliver malware to a mass audience.
Sunbelt researcher Adam Thomas happened upon the attack when he ran a search of "netgear ProSafe DD-WRT" for router firmware. His trained eye saw a suspicious-looking result on the first page. More research and digging on other phrases turned up the vast array of attack sites.
None of the sites from this wave, or a smaller follow-up group, appear now on Google, and Eckelberry and other experts believe the search giant has blocked those specific domains. But Google isn't saying what it did to stop this attack, or whether measures are in place to halt a recurrence.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (6)
RE: Hackers rig Google to deliver malwareBy Alliance-Datacom on January 29, 2008, 11:11 amYet another example of how you must never let your guard down. When you are on the web clicking away be aware of what it is your clicking. If anything looks out...
Reply | Read entire comment
Feeling lucky? Maybe not...By Cement Head on January 29, 2008, 11:37 amHuh - perhaps Google should remove the "I feel lucky" button (which justs sends you straight to the highest link instead of listing them) as a defensive measure...
Reply | Read entire comment
Info-warBy wizodd on January 29, 2008, 1:00 pmIn the age of information and guerrilla warfare, the United States of America has the largest, fastest, most heavily armed, most radioactive tanks ever developed. How...
Reply | Read entire comment
can we get a list ofBy Anonymous on January 29, 2008, 8:32 pmcan we get a list of security messurs to protect our computers and our companys computers as soon as posible
Reply | Read entire comment
Just another new way forBy chikt on January 31, 2008, 8:41 amJust another new way for hackers and phishers to catch people I suppose, read my comments in the Google-Gal blog at http://www.networkworld.com/community/node/24544
Reply | Read entire comment
Yet another example whenBy Anonymous on January 31, 2008, 12:33 pmYet another example when Google's over-dependence on automation has been compromised. Back when googlebombing was all the rage, Google knew about it but refused...
Reply | Read entire comment
View all comments