Search results hijacked by hackers
A massive ring of malicious websites that had infiltrated the search results of Google, Yahoo and MSN has been uncovered, reports BBC News.
The sites, which appeared in the natural search results for terms including “Christmas gifts” and “hospice”, were targeting vulnerabilities in the browsers of unsuspecting visitors.
Alex Eckelberry of Sunbelt Software, one of the firms involved in discovering the network of sites, said that although these kinds of attacks are commonplace, the sheer scale of the recent campaign was unprecedented.
“This was fairly epic,” explained Alex, adding that “If your machine was not fully patched you were going to get hosed.”
The websites involved posed as serious sources of information to convince the search engines they were legitimate. In reality, they were loaded with malicious software designed to find and exploit unpatched versions of Microsoft’s Internet Explorer browser.
Websites spread across tens of thousands of domains are thought to have been involved in the attack, many of them located in China and registered in the last few days. A campaign of comment spamming on blogs helped push the websites quickly up the rankings, where they could maximise traffic.
“You could be searching for really innocuous things and get nailed,” said Alex. “There was really nasty stuff in there.”
Another company involved in detecting the attack was security firm Trend Micro. Chief Technology Officer, Raimund Genes, speculated that the Russian Business Network - a criminal gang specialising in Internet fraud - might be behind the attack.
There is no estimate of how many people might have been affected by booby-trapped sites, which were in operation for around 24 hours before Google began removing them from its search indexes.
There are fears, though, that this could be the start of a more sustained campaign, as Mr Eckelberry warned of the prospect of more attacks in the pipeline.
“This is not going to go away,” he said.

