« Short form for a EULA
Even encrypted Web-based email is in danger of wireless eavesdropping »

Google search links may not be what you think

Two months ago I posted about hackers putting malware sites into the top rankings for some common searches. This form of malware attack is a very serious concern since using search engines is a major part of Internet activity. The hackers have used some pretty sophisticated methods and a new article at PC World discusses the problem. It begins:

If last November you googled one of thousands of innocuous and common search terms, such as “Microsoft excel to access” or “how to teach your dogs to fetch,” you were in line for an Internet attack that infects PCs with spam senders, password stealers, and other kinds of nasty malware.

Beginning on November 24 and continuing for less than a week, bad guys loaded up more than 40,000 Web pages with malicious software and thousands of common search terms. They then employed an automated network of malware-infected computers–known as a botnet–to link to those sites in blog-comment spam and other places. The mentions elevated the position of the poisoned sites in search results, often to the first page.

There was a huge wave of attacks but Google apparently manged to clean it up:

None of the sites from this wave, or a smaller follow-up group, appear now on Google, and Eckelberry and other experts believe the search giant has blocked those specific domains. But Google isn’t saying what it did to stop this attack, or whether measures are in place to halt a recurrence.

The article discusses ways to search safely and notes:

Though this attack was crafty and effective, security experts say there’s no need to stop using Google, as long as you take some precautions. Most important: Keep your software patched and up-to-date.

The article mentions various software defenses but points out that social-engineering is also involved. As always, common sense is a vital part of staying safe on the Internet.

This entry was posted on Thursday, January 31st, 2008 at 1:59 pm and is filed under Privacy, Search, Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

One Response to “Google search links may not be what you think”

  1. dean Says:
    February 1st, 2008 at 12:12 am

    Alex Eckelberry at Sunbelt Software originally wrote about this issue. Although PC World gave him credit for that, two subsequent blog entries that Alex wrote about the issue are here:

    http://sunbeltblog.blogspot.com/2007/11/heads-up-more-google-poisoning-on-way.html
    http://sunbeltblog.blogspot.com/2007/11/more-on-massive-seo-poisoning-it-was.html

    Alex’s blog is a good read.