It seems that scammers have found a way to infiltrate Google search to push malicious software to visitors. Many have complained about Google Image search results directing them to pages that prompted them to download anti-virus scareware via misleading error messages and alerts (e.g. “Your computer is infected! Click here to fix!”).
According to the SANS Internet Storm Center, the attackers have been able to distribute malicious scripts across an unknown number of sites. The scripts populate pages based on topics from Google Trends, then grab images from other sites, which makes the pages look legitimate in an image search.
A Russian malware researcher, Denis Sinegubko, says this is “the most efficient black hat trick ever,” and added that it was very simple to set up. Sinegubko says about 5,000 sites have been hacked, with the average site containing 1,000 of these bogus pages. This results in Google sending 15 million visits to these sites every month.
Google spokesman Jay Nancarrow said the company is aware of the attacks and is making “active efforts to improve both the quality of the results and malware detection.” He added that they are “improving, as are the people trying to put users at risk, and in the interests of those users it’s best if we don’t reveal everything that we’re doing about this.”
Sinegubko is developing an add-on for Firefox that can flag these evil Google Image search results by placing a red box around them. You can also protect yourself by using an add-on like NoScript, which restricts which sites can run scripts in your browser. Similar add-ons exist for Google Chrome as well.