Symantec Blogs: Security Response

Nishant Doshi | November 12th, 2009

If a hacker managed to break into your blog or website, what could they do? They could insert malicious iframes or JavaScript into your Web pages. They might even try to steal some data. But most likely they would "search engine optimize" your website. Can this be true? Well, let me explain.

Search engine optimization (SEO) is a collection of techniques used to achieve higher search rankings for a given website. "Black hat SEO" is the use of unethical SEO techniques to obtain a higher ranking. These include keyword stuffing (padding pages with the terms being targeted), cloaking (serving search engine crawlers different content from what ordinary visitors see), and link farming (creating large numbers of cross-linking pages or sites to inflate apparent popularity), all of which are used to "game" the search engine algorithms.

So what does a hacker gain from all this? Why would a hacker help you achieve a higher search engine ranking? Quite the contrary; he is helping himself.

What the hacker actually does is add numerous additional Web pages to your website. Let’s call each of...
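As an added example (not code from the original post), here is a small Python audit a site owner could run over their own pages to catch injected SEO pages of the kind described above. It checks for cloaking by fetching each URL once as a search-engine crawler and once as a browser and comparing what comes back, looks for keyword text hidden with display:none, and scores how heavily a page repeats a few words. The sample pages, the URL names and the fake_fetch() client are all constructed for the example; a real run would swap fake_fetch() for an HTTP client.

```python
"""Added example, not code from the original post: three checks a site owner
can run over their own pages to spot injected black-hat SEO pages. The sample
pages and fake_fetch() below are constructed for the example."""
import re
from collections import Counter
from typing import Callable, Dict, List

# One crawler User-Agent and one ordinary browser User-Agent.
CRAWLER_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
BROWSER_UA = "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 Chrome/40.0 Safari/537.36"

TAG_RE = re.compile(r"<[^>]+>")
SCRIPT_STYLE_RE = re.compile(r"<(script|style)[^>]*>.*?</\1>", re.I | re.S)
# Block elements hidden with inline CSS: the classic place to stuff keywords.
HIDDEN_RE = re.compile(
    r'<(div|span|p)[^>]*style="[^"]*display\s*:\s*none[^"]*"[^>]*>(.*?)</\1>', re.I | re.S)
WORD_RE = re.compile(r"[a-z]{3,}")


def page_words(html: str) -> List[str]:
    """All words a crawler would index (hidden blocks included), lowercased."""
    text = TAG_RE.sub(" ", SCRIPT_STYLE_RE.sub(" ", html))
    return WORD_RE.findall(text.lower())


def hidden_blocks(html: str) -> List[str]:
    """Text inside display:none blocks: a visitor never sees it, a crawler does."""
    return [m.group(2).strip() for m in HIDDEN_RE.finditer(html)]


def keyword_stuffing_score(html: str, top_n: int = 3) -> float:
    """Share of all words taken by the top_n most repeated words. Injected
    pages that hammer a handful of search terms score far higher than prose."""
    words = page_words(html)
    if not words:
        return 0.0
    return sum(n for _, n in Counter(words).most_common(top_n)) / len(words)


def is_cloaked(url: str, fetch: Callable[[str, str], str], min_overlap: float = 0.5) -> bool:
    """Fetch the same URL as a crawler and as a browser and compare word sets.
    A page that tells the crawler one story and sends visitors elsewhere
    (a redirect, an empty shell) shares few words between the two views."""
    bot = set(page_words(fetch(url, CRAWLER_UA)))
    user = set(page_words(fetch(url, BROWSER_UA)))
    if not bot and not user:
        return False
    return len(bot & user) / len(bot | user) < min_overlap


def audit(urls: List[str], fetch: Callable[[str, str], str]) -> Dict[str, List[str]]:
    """Run all three checks; return {url: [findings]} for pages that trip any."""
    report: Dict[str, List[str]] = {}
    for url in urls:
        findings = []
        page = fetch(url, CRAWLER_UA)  # the crawler's view is the one the attacker tunes
        if is_cloaked(url, fetch):
            findings.append("cloaked")
        if hidden_blocks(page):
            findings.append("hidden text block")
        if keyword_stuffing_score(page) > 0.3:  # rough cut-off chosen for the example
            findings.append("keyword stuffing")
        if findings:
            report[url] = findings
    return report


# --- constructed sample site -------------------------------------------------
LEGIT_PAGE = """<html><head><title>Acme Bakery</title></head><body>
<h1>Welcome to Acme Bakery</h1>
<p>We bake bread, cakes and pastries every morning. Visit our shop downtown
or order online for delivery.</p>
</body></html>"""
# An injected page: the legitimate page plus a hidden, keyword-stuffed block.
STUFFED_PAGE = LEGIT_PAGE.replace("</body>", '<div style="display:none">'
                                  + " ".join(["cheap software"] * 8) + "</div></body>")
# What the same injected URL serves to a real browser: an immediate redirect.
REDIRECT_PAGE = ('<html><head><meta http-equiv="refresh" content="0;url=http://example.invalid/buy">'
                 "</head><body>Redirecting</body></html>")


def fake_fetch(url: str, user_agent: str) -> str:
    """Stand-in HTTP client for the example: /about is clean, /cheap-software
    is an injected page that cloaks on the User-Agent header."""
    if url == "/cheap-software":
        return STUFFED_PAGE if "Googlebot" in user_agent else REDIRECT_PAGE
    return LEGIT_PAGE


if __name__ == "__main__":
    for url, findings in audit(["/about", "/cheap-software"], fake_fetch).items():
        print(url, "->", ", ".join(findings))
```

Run over a real site, point fetch() at your own host and feed audit() the URLs from your sitemap plus anything unfamiliar in the web server's access log; the injected pages usually show up there first, because the crawler is visiting URLs you never created. The cloaking check is deliberately based on the User-Agent header only; some injected pages key on the Referer header instead, so a second pass with a search-engine referrer is worth adding.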

Nishant Doshi | January 27th, 2009

Welcome back to this blog series on misleading applications. This is the concluding article, so if you need a refresher on what we've covered so far, have a look at the first two parts (part 1 and part 2). Today I'm going to conclude by explaining how malicious users obtain Trojans, fake codecs, and fake scanner URLs in order to distribute misleading applications. It may also be of interest to ask why those with malicious intent do this (easy money, perhaps?), so I'll break some of the reasons down for you. I'll also provide some tips to protect your computer from these threats and to help you spot the telltale signs of misleading apps.

Pay-per-install: The Source...

Nishant Doshi | January 21st, 2009

The first article of this blog series provided an introduction to rogue applications that parade as fake antivirus scanners and/or fake "system cleaners." Once installed, these misleading applications attempt to scare the user into believing that his or her computer is infected with dozens of threats. This is done using constant pop-ups, taskbar notification icons, etc. These apps usually start off with a fake scan of the system and then proceed to report non-existent threats. The goal is to lure the user into buying the fake product, which promises to clean up all of those made-up threats.

Today, I’m going to continue discussing the ways in which malicious applications make it onto a victim’s system. In this article I will show you the distribution vectors for fake scanner Web pages.

...

Nishant Doshi | January 19th, 2009

Lately there has been a huge influx of misleading applications (a.k.a. rogue or fake antivirus applications) plaguing users. By traditional definition, these programs are rogue applications that parade as fake antivirus scanners and/or fake “system cleaners.” For a good briefing on this type of “scareware,” take a look at the description provided here.

Once installed, these applications attempt to scare the user into believing that his or her computer is infected with dozens or more threats....

Nishant Doshi | January 16th, 2009

Authors of misleading applications are always coming up with new techniques to entice or scare users into buying their fake products. Once installed on the system, a misleading application uses various social engineering techniques, such as displaying fake scans, fake threats, and fake error messages, to frighten users into buying or activating the product in order to erase the made-up threats and "stay protected." Registration usually costs $20 to $50 USD, and the whole thing is simply a large-scale social engineering scam.

Recently we came across a misleading application, Antivirus 2009, using a new social engineering technique. Once the latest version of Antivirus 2009 is installed on a system, it registers a Browser Helper Object (BHO) called "winsystems.dll". BHOs are plug-in DLLs that Internet Explorer loads when it starts, which gives them access to every page the user visits; that is exactly why malicious applications so often use them.

Now, whenever a user visits any Google pages, the BHO modifies...
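As an added example (not the post's code, and nothing to do with Antivirus 2009's own code), the following Python enumerates the BHOs registered on a Windows machine and triages each one by where its DLL loads from, which is the first thing an analyst checks when hunting for an entry like the winsystems.dll BHO described above. The registry part needs Windows; the CLSIDs, paths and trusted-directory list in the sample data are placeholders constructed for the example so the triage logic can be exercised anywhere.

```python
"""Added example, not code from the original post: list the Browser Helper
Objects registered on a Windows machine and triage each one by the location
of its DLL. Registry access needs Windows; triage() is plain Python and the
sample entries at the bottom are constructed placeholders."""
import os
import sys
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Optional

# Internet Explorer loads the BHOs listed under this HKLM key; on 64-bit
# Windows the Wow6432Node copy holds the 32-bit registrations.
BHO_KEYS = (
    r"SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects",
    r"SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects",
)
# Path fragments that mean the DLL sits somewhere an ordinary user can write.
USER_WRITABLE_MARKERS = ("\\documents and settings\\", "\\users\\",
                         "\\application data\\", "\\appdata\\", "\\temp\\")


@dataclass
class Bho:
    clsid: str
    dll: Optional[str]  # InprocServer32 (Default) value, %VARS% expanded; None if unresolvable


def _inproc_server(clsid: str) -> Optional[str]:
    """Resolve a CLSID to the DLL that COM (and therefore IE) will load for it."""
    import winreg  # Windows only
    for sub in ("CLSID\\" + clsid + "\\InprocServer32",
                "Wow6432Node\\CLSID\\" + clsid + "\\InprocServer32"):
        try:
            with winreg.OpenKey(winreg.HKEY_CLASSES_ROOT, sub) as key:
                value, _ = winreg.QueryValueEx(key, "")  # "" reads the (Default) value
                return os.path.expandvars(value)
        except OSError:
            continue
    return None


def enumerate_bhos() -> List[Bho]:
    """Every CLSID registered as a BHO under HKLM, with its DLL path resolved."""
    if sys.platform != "win32":
        raise RuntimeError("BHO enumeration reads the Windows registry")
    import winreg
    found = []
    for key_path in BHO_KEYS:
        try:
            key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key_path)
        except OSError:
            continue  # key absent, e.g. no Wow6432Node on 32-bit Windows
        with key:
            index = 0
            while True:
                try:
                    clsid = winreg.EnumKey(key, index)
                except OSError:  # no more subkeys
                    break
                found.append(Bho(clsid, _inproc_server(clsid)))
                index += 1
    return found


def default_trusted_dirs() -> List[str]:
    """Where a legitimately installed BHO normally lives, taken from the environment."""
    dirs = [os.environ[v] for v in ("ProgramFiles", "ProgramFiles(x86)") if v in os.environ]
    root = os.environ.get("SystemRoot")
    if root:
        dirs += [root + "\\System32", root + "\\SysWOW64"]
    return dirs


def triage(bho: Bho, trusted_dirs: Iterable[str],
           exists: Callable[[str], bool] = os.path.exists) -> List[str]:
    """Reasons an entry deserves a closer look; an empty list means nothing stood out.
    Path-based first pass only: confirm with the DLL's Authenticode signature
    and a hash lookup before drawing conclusions."""
    if bho.dll is None:
        return ["no InprocServer32 for this CLSID (dangling registration)"]
    path = bho.dll.replace("/", "\\").lower()
    trusted = [d.replace("/", "\\").lower().rstrip("\\") + "\\" for d in trusted_dirs]
    reasons = []
    if not any(path.startswith(d) for d in trusted):
        reasons.append("loads from outside Program Files / System32")
    if any(marker in path for marker in USER_WRITABLE_MARKERS):
        reasons.append("loads from a user-writable location")
    if path.rsplit("\\", 1)[-1] == "winsystems.dll":
        reasons.append("file name matches the BHO Antivirus 2009 registers")
    if not exists(bho.dll):
        reasons.append("DLL is missing on disk")
    return reasons


def triage_all(bhos: Iterable[Bho], trusted_dirs: Iterable[str],
               exists: Callable[[str], bool] = os.path.exists) -> Dict[str, List[str]]:
    trusted = list(trusted_dirs)
    return {b.clsid: triage(b, trusted, exists) for b in bhos}


# Constructed sample data: placeholder CLSIDs and paths, not real indicators.
SAMPLE_TRUSTED = [r"C:\Program Files", r"C:\Program Files (x86)", r"C:\Windows\System32"]
SAMPLE_BHOS = [
    Bho("{SAMPLE-CLSID-1}", r"C:\Program Files\Vendor\toolbar.dll"),
    Bho("{SAMPLE-CLSID-2}", r"C:\Documents and Settings\alice\Application Data\winsystems.dll"),
    Bho("{SAMPLE-CLSID-3}", None),
]

if __name__ == "__main__":
    on_windows = sys.platform == "win32"
    bhos = enumerate_bhos() if on_windows else SAMPLE_BHOS
    trusted = default_trusted_dirs() if on_windows else SAMPLE_TRUSTED
    for clsid, reasons in triage_all(bhos, trusted).items():
        print(clsid, "->", "; ".join(reasons) or "nothing stood out")
```

On a suspect machine, any entry whose DLL sits under a user profile or temp directory, or whose CLSID no longer resolves to a file, is worth pulling for analysis. A path alone proves nothing either way, so follow up with the DLL's Authenticode signature (Get-AuthenticodeSignature in PowerShell) and a hash lookup before deleting the registration.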