Google AdWords virus hazards
p2pnet.net news:- Virus writers have zeroed in on Google’s ’sponsored’ [read 'bought'] links shown with search engine results.
Crooks are using Google AdWords to infect unsuspecting users with malware, says security software developer Exploit Prevention Labs.
“Under the guise of ads for legitimate, trusted organizations like The Better Business Bureau, unsuspecting users are instead redirected to malicious sites that attempt to install exploits and other malware,” it says.
Cto Roger Thompson says his company’s community intelligence network has been finding exploit detections seemingly at household name sites such as the Better Business Bureau or cars.com but in reality, they’re, “actually coming from a place called smarttrack.org masquerading as one of the legit sites.
Google searches such as the phrase BetterBusinessBureau or “Florida Business Opportunity Law” or “Modern cars airbags required” will turn up these dangerous sites, says Thompson on his blog.
On the night of April 23, Exploit Prevention researchers discovered one of the rogue links was the number 1 sponsored link when people entered the phrase BetterBusinessBureau, he says, going on:
It sure looks like it will take you to a BBB website, and that’s where you end up.
First, however, it takes the unwary traveler through smarttrack.org, which uses a modified MDAC exploit to try to install a backdoor and a post-logger on your system. The post-logger is specifically targeting about 100 banks from around the world, by injecting extra html into those banks response pages, to try to coax extra information out of the victim. (Although it specifically targets those 100, it is an equal-opportunity logger and happily logs all user ids and passwords for any webpage.)
Also, because the post logger is a browser helper object, it is part of the end-point of any SSL transaction, and can see everything in plain text, instead of encrypted.
Says Thompson, “lots of links in any search engine point to infective sites, so that’s not really a surprise, but this does highlight a significant issue.”
Google seems to have terminated that account, “but we detected about 20 different search strings that resulted in links to smarttrack.org, so it is not yet clear if all the links have been cleared up, but LinkScanner and SearchShield will surely reveal that over the next few days,” he adds.
Also See:
blog – Google sponsored links not safe?, April 24, 2007
If your Net access is blocked by governBryan Adams slams Net radio hikement restrictions, try Psiphon from the Citizen Lab at thIs the endSurvey: How Did Copyright Infringement Become Equated with Robbery? (of the Net) nigh?zze University of Toronto’s Munk Centre for International Studies. Go here for the official download, here for the p2pnet download, and here for details. And if you’re Chinese and you’re looking for a way to access independent Internet news sources, try Freegate, the DIT program written to help Chinese citizens circumvent web site blocking outside of China. Download it here.
rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php | | And use free p2pnet newsfeeds for your site
Tired of being treated like a criminal? They depend on you, not the other way around. Don’t buy their ‘product’. Do bug your local politicians. Use emails, snail-mail, phone calls, faxes, IM, stop them in the street, blog. And if you’re into organizing, organize petitions, organize demonstrations and then turn up on your local political rep’s doorstep, making sure you’ve contacted your local tv/radio station/newspaper in advance. Don’t just complain. Do something!
