Security Bytes

Dec 1 2009   4:12PM GMT

Hackers use Tiger Woods saga to conduct search attacks

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

People searching for news about Tiger Woods’ personal problems could find themselves in a world of hurt.

Those eager to learn about Tiger Woods’ personal problems may gain some issues of their own if they click on a poisoned link that appear in some search results. The famous golfer, who crashed his car and is reportedly having family problems has resulted in a spike in search engine traffic. That spike in traffic undoubtedly has attackers seeing dollar signs.

Security vendor F-Secure highlighted search engine optimized attacks using searches for Tiger Woods to spread rogue antivirus software. in a YouTube video Sean Sullivan from F-Secure Security Labs demonstrates the SEO attacks. Using a Mozilla Firefox browser, Sullivan entered the search query “Tiger Woods accident rumors” in Google.

The results included a link to a handgun website in Charlotte, North Carolina and a small church in West Virginia – websites that are not malicious, but don’t have a dedicated Web admin team keeping them secure. The hackers found a website flaw in each of the sites, and injected PHP code in them to conduct drive-by attacks.

The good news is that Firefox identified the two sites as a “reported attack website.” But Internet Explorer users will have their browser crash as Sullivan demonstrates in the video. A pop-up message appears warning that the computer is infected with malware. If the user clicks ok a phony antivirus scan takes place showing malware it detected. A file is then pushed out, believed to be a rogue antivirus program.

While the attack is not new, the ease in which a user of Internet Explorer can be duped into believing they have been infected is amazing to see especially if the user is not technically savvy. Sullivan urges people to use Google News to conduct their search, since many legitimate news sites have Web admin teams protecting them.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: