Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
An ongoing attack on Google users is sending victims to rogue anti-virus software sites, researchers said this week.The attack takes advantage of Google's page-ranking feature, according to researchers at eSoft's Threat Prevention Team. The scam works like this: an attacker hacks a site, but instead of embedding exploits on the hacked site, they put links to other websites to boost rankings for malicious sites, and Google users in particular seem to be the targets.“The sites whose search engine ranking is being boosted are now serving up malware through a complex series of redirects,” Lee Graves, senior technical services engineer with eSoft, wrote on the company's Threat Prevention Team blog. “However, the redirects and the malware are only served up if the user gets to the site after clicking the link on Google. Going directly to the malicious site (by pasting into your browser directly) results in a harmless page.”But clicking on the results in Google may bring the user to a website using a common rogue anti-virus template that alerts the user that their PC is infected and prompts unsuspecting users to download what is really a trojan.“They're actually using a PageRank bomb, or blackhat SEO attack,” Graves told SCMagazineUS.com.There seems to be a few specific search terms being used, and others terms are regularly being added, he said.“There are bunch of dangerous search terms,” Graves said. “As news changes, the terms they use change. The scam is similar to other scareware attacks, he said.“If you click on a dangerous result, you'll get redirected around to a couple of places, then come to a rogue AV site that says you're infected with all kinds of malware,” he said.So far, Google is the only search site involved in the attack. A spokesman for the search giant could not be reached for comment.See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.