Andre Yee's Security Insider

Andre Yee

Google Sponsored Links - Open Door to Malware Site?

By Andre Yee on May 1, 2007 10:14 PM 0

The Exploit Prevention Lab blog reports on how hackers are using Google sponsored links to infect machines with a variant of the MDAC exploit. Here's how it works -

Popular Google searches like "Better Business Bureau" will turn up a rogue link leading to a malicious site. In the case of "Better Business Bureau" search, the query actually turned up the rogue link as the #1 sponsored site. However, before taking you to the BBB site, it actually sends you to smarttrack.org which sounds innocuous enough...except that it's not.

Smarttrack.org uses a variant of the MDAC exploit to install a backdoor and a post-logger on your system. The postlogger targets the websites of top banks around the world with a phishing attack to entice online banking customers to unintentionally reveal vital information. What makes this both a clever and insidious use of Google links is that most browsers do not provide a preview address with Google sponsored links (the way they do with most other links).

And one other thing - Google suspended the accounts of the malicious sponsored links. Thought I should mention that. If you want to read the latest on this, here is a report with Google's response to this.

Leave a comment

Recent posts from our Blogs

Defining BPM by Scott Cleveland in BPM from a Business Point of View
BPM and the CIO's Dilemma by Joe McKendrick in Business Transformation in Action
Why is social BI just as important as regular BI? by Nari Kannan in New Frontiers in Business Intelligence
Summer reading and sharing your opinions by Anne Stuart in Anne Stuart’s BPM in Action
BPM & Customer Expectations by Scott Cleveland in BPM from a Business Point of View
Fixing the Fifth Root Cause of Bad Data Quality - Errors in the BI Reporting Logic by Nari Kannan in New Frontiers in Business Intelligence
Can BPM optimize enterprise content management? Talking with Steve Weissman by ebizQ in ebizQ's Business Agility Watch
BPM and SOA Roundup: Cloudy BPM, Social Business, Single-Purpose Apps by Joe McKendrick in Business Transformation in Action
Driving a Stake Through the Heart of Single-Purpose Apps by Scott Menter in Ground-Floor BPM
Risk Managers: What should you report to the Board? by Steven Minsky in Manage Tomorrow's Surprises Today

An open dialogue about security and compliance for the enterprise.

Andre Yee

Andre Yee is an entrepreneur and technologist with nearly 20 years of experience in the business of technology.

Subscribe

Twitter Follow me on Twitter
Subscribe CloudTalk

Recently Commented On

Top 10 Most Vulnerable Apps for 2007 (1)
E.J.Hoover wrote: This looks more like the list of th... [more]
Update on the Past Month (1)
Peter wrote: Just want to say welcome back, and ... [more]
Beware the iPod? (1)
Edward Lansink wrote: More information on the dangers of ... [more]
Privacy, Information Theft and Security (1)
Charles Nicholls @ www.seewhy.com wrote: Andre - you are right on. The probl... [more]
Web Services Security - Web Application Threats (3)
ast wrote: Hi Andre, I have been thinking abo... [more]

Recent Webinars

Recent News

Categories

Alerts/Warnings, Compliance, Industry Trends, Insider Attacks, IPS/Firewall Technology, M&A, Network Security, Odds and Ends, Privacy/Information Theft, Product Announcements, Spam & Spyware, web 2.0, web services security, Wireless Security,

Blogs

ADVERTISEMENT