Security Bytes

Jan 26 2010   1:37PM GMT

Attackers continue barrage of SEO attacks

Robert Westervelt Robert Westervelt Profile: Robert Westervelt


Popular search term exploited to funnel users to a rogue search engine. A variety of tactics continue to prey on search engine users.

Research analysts at Trend Micro have identified another attack attempting to use popular search terms in Google and other search engines. Using the phrase “free printable,” users will get a variety of results including some pages designed with malicious JavaScript redirecting them to a rogue search engine.

According to TrendLabs’ JM Hipolito:

As of now, the cybercriminals’ goal in all this seems to be hijacking search traffic from search engines, and redirect them into their own search engine to earn them money. If it stays as such is not yet known, but users need to be wary, since it would be very easy for cybercriminals to change the final landing site of the redirections to a malware-hosting site.

We recently wrote about popular search terms being optimized by cybercriminals to ensure their attack websites are highly visiible in search results. Some are less nefarious and try to get as many users as they can to view their ad riddled sites. Others host malware and rogue antivirus programs.

A popular search for Tiger Woods in December resulted in a number of malicious sites hosting rogueware. In the case of “free printable,” Trend said the term is a highly popular phrase in South Africa and the United States.

Users of Internet Explorer can be tricked easily since the programs are designed to look like a Windows Security alert followed by a fake scan and instructions to download a program to remove malware. Sometimes victims are asked to pay a fee for the fake antivirus, other times they are duped into downloading the program, riddled with malicious programs.

At the time Sean Sullivan of F-Secure urged people to search for topical items on Google News rather than Google’s main search engine. Many legitimate news sites have Web admin teams protecting them, he said.

Security researchers warned last June that cybercriminals were attempting to exploit the Michael Jackson and Farrah Fawcett deaths. Poisoned search engine results sent users to a variety of malicious sites, many leading to bogus antivirus downloads.

2  Comments on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: