NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0160 Hackers Exploit Major Search Engine-Sponsored Ad Links:
Since at least 10APR, criminals have been using sponsored advertisement (ad) links, the paid ads shown alongside regular results on Google's search engine, to direct users to web sites that attempt to exploit their systems, according to an online press report citing research by security firm Exploit Prevention Labs. The criminals managed to seed Google's sponsored links with links to their malicious web sites. When Google users searched for certain legitimate web sites, such as "BBBonline.org", the official web site of the Better Business Bureau, or "Cars.com", a legitimate car sales site, the criminals' web sites appeared as the first result in the list of sponsored links. Users who clicked the criminals' sponsored link were first silently directed to the site "smarttrack.org", which used a modified Microsoft Data Access Components (MDAC) exploit against Microsoft's Internet Explorer browser to load malicious software (malware) onto the visiting system. Once the attack had taken place, the user was redirected to the legitimate web site for which they had searched, making it appear to the user that everything was normal.
According to the report, as of 25APR steps to address this threat were underway, or the activity had been redirected, as the malicious sponsored links no longer appeared on Google for the known search terms that they had previously targeted.
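The search-result click, silent intermediate site, then legitimate destination chain described above leaves a recognizable pattern in web proxy logs. The following detection sketch is an added example, not part of the original advisory; the log format, client addresses, timestamps, search-host list and 10-second window are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Constructed sample: time, client, requested URL, Referer ("-" if none).
SAMPLE_LOG = """\
2007-04-24T10:00:01 10.0.0.5 http://www.google.com/search?q=bbbonline -
2007-04-24T10:00:09 10.0.0.5 http://smarttrack.org/ http://www.google.com/search?q=bbbonline
2007-04-24T10:00:11 10.0.0.5 http://www.bbbonline.org/ http://smarttrack.org/
2007-04-24T10:05:00 10.0.0.7 http://www.google.com/search?q=cars -
2007-04-24T10:05:04 10.0.0.7 http://www.cars.com/ http://www.google.com/search?q=cars
2007-04-24T10:05:30 10.0.0.7 http://www.cars.com/used http://www.cars.com/
"""

SEARCH_HOSTS = {"www.google.com"}  # assumption: search engines in scope
MAX_HOP = timedelta(seconds=10)    # assumption: how quickly a "silent" hop moves on


def host(url):
    """Lower-cased hostname of a URL, or '' for a missing Referer."""
    return (urlsplit(url).hostname or "").lower()


def parse(log):
    """Yield (time, client, destination host, referring host) per log line."""
    for line in log.splitlines():
        ts, client, url, referer = line.split()
        yield datetime.fromisoformat(ts), client, host(url), host(referer)


def find_intermediate_hops(log):
    """Return (client, hop_host, final_host) for search -> hop -> other-site chains."""
    entered = {}  # (client, hop host) -> time the hop was reached from a search page
    hits = []
    for ts, client, dest, ref in parse(log):
        # Step 1: a click from a search results page to an outside host.
        if ref in SEARCH_HOSTS and dest not in SEARCH_HOSTS:
            entered[(client, dest)] = ts
        # Step 2: that host quickly hands the same client to a different host.
        started = entered.get((client, ref))
        if started is not None and dest != ref and ts - started <= MAX_HOP:
            hits.append((client, ref, dest))
    return hits


if __name__ == "__main__":
    for client, hop, final in find_intermediate_hops(SAMPLE_LOG):
        print(f"{client}: search click passed through {hop} before reaching {final}")
```

Legitimate ad click-tracking services produce the same shape of hop, so the output is a list of candidates to triage against known ad infrastructure rather than a verdict. Hostnames are compared exactly, so a hop between subdomains of one site would also be listed.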
Previously, hackers have used banner ad links on high-traffic web sites such as MySpace.com or WebShots.com to infect users with malicious software.
(WashingtonPost.com 25APR07; explabs.blogspot.com 24APR07)
Last Modified: Sunday, 06-May-2007 08:52:32 EDT