Attackers often use search engines to deliver malware. Earlier we reported that Yahoo-sponsored search results were used to promote misleading applications. Also, attackers reportedly abused Google advertisement services in order to push out misleading applications.
Instead of using techniques like search engine optimization (SEO) poisoning to get the optimum listing in the search engine results, attackers have recently been using Google’s sponsored links. In this situation the attackers’ advertisements would have been displayed on all websites that use Google’s sponsored links. For example, when a user searches for Adobe Flash player 9, Google-sponsored links might display one particular download link as flashplayer.9-downloadcenter.com. (Please do not...
Easter is around the corner and as expected, attackers have already started to poison search engine queries to redirect users to websites that deliver misleading applications. Various search keywords related to Easter have been poisoned in Internet search results so that links to rogue websites are returned in the search listings. Some of the examples of poisoned keywords are:
Attackers are using various tricks, such as referrer checking, in order to evade security researchers. If the bogus domains returned in the search listing are visited directly, we will see a page with many Easter-related keywords and links used to bolster the page’s search ranking. However, if the bogus links are clicked on from the search engine results, users will be redirected to...
Search engines are often used by attackers as platforms from which to deliver malicious code. A while ago it was reported that Google was serving up advertisements that led to misleading applications (also known as rogue antispyware products).
This time, the malicious code authors are using “Yahoo! Sponsored Search” listings as a means to promote a misleading product called ”Antivirus & Security.” Antivirus-2009-new.com and Antivirus-pro-download.com are returned in Yahoo! Sponsored Search results as the latest version of AVG antivirus; however, the website actually claims that it is better than AVG and is an alternative to AVG antivirus. The sponsored search result leads to antivirus-2009-new.com and antivirus-pro-download.com, where users are asked to make a payment to buy a membership in order to obtain the product.
