RSS Alerts

Share

More services

Related Links

Related Stories

  • The art of social engineering
    Social engineering is not new and it’s here to stay. Kevin Townsend looks at how social networking is a social engineer’s best friend and asks what we can do to protect ourselves from this very real – and very personal – threat
  • Comment: What’s your (SEO) poison?
    SEO poisoning is an increasingly popular method of attack for cybercriminals, and one that shows they are using more sophisticated techniques. In the last year, attackers have poisoned search results on everything from the MTV Video Music Awards to Google Wave invitations. Patrik Runald of Websense asks what makes these attacks such a success, and what does this mean for 2010?
  • 2009 was a record year for malware
    A PandaLabs report claims that 2009 will go down as perhaps the most prolific in malware history. In 2009, malware creators tapped into search tools used by the majority of web surfers, and exploited current events and popular culture.
  • Rogue anti-virus scamware hitting hard, says Webroot
    Research by Webroot suggests that the rash of anti-virus scamware - which reports that the users' PC is infected, when it is not, and then requests a payment for registration - is sucking in a lot of internet users.
  • SQL infection cracks reported on thousands of sites
    It seems that a large number of commercial websites have been hit by an automated SQL injection attack that reroutes visitors to 'LizaMoon' web addresses where they are greeted with fake messages that their PCs have been infected with malware.

Top 5 Stories

News

Fake search engines used to divert users to malware infected websites

07 May 2009

Hackers are starting to create fake search engine sites to divert hapless internet users to malware infected websites, says PandaLabs, the research operation of Panda Security.

According to researchers at PandaLabs, when internet users look for popular text searches such as 'flu statistics,' they are being offered URLs that lead them to websites containing video reports.

These video reports require users to download new 'video codecs' to view them, but the download/install code is actually a malware infection, says the IT security vendor Panda Security.

The nett result of the install is that users are infected with fake antivirus applications which then attempt to extort money from users by pretending their PC is infected and only the newly-installed IT security application can remove the 'infection.'

The situation is being compounded, Infosecurity notes, with a similar methodology applied to releases of the latest movies via BitTorrent file-sharing indexes.

A search for the latest Star Trek film - which is released to UK cinemas this week - for example, gives BitTorrent users access to what appears to be a 700MB download file of the film, which then requires users to install a 'Masters Release video codec.'

The download appears to be a piece of malware that routes users to a number of rogue websites using a bogus search engine add-in to the user's web browser software.

And as well as being infected, users still cannot view their copy of the Star Trek film - which appears to be another film entirely.

Unconfirmed reports suggest that the infected copy of the Masters Release of Star Trek is being fileshared by thousands of users on the internet.

 

This article is featured in:
Application Security • Internet and Network Security • Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012