Harsh times for Google and I don’t mean financially! It would appear that rogue sites and dodgy links are being moving higher up in their rankings. Google are being outwitted by being tricked into displaying compromising web pages as a way for cyber-criminals to hijack end user’s computers, downloading personal information and stealing credit details. One attempt that has been successful in their activities has been to entice specific groups of people by using the phrase ‘Cheap vista for students‘ in Google search terms.
The term returned more than 19 million results in which a large percentage of the results redirect users towards a site called soft4pcs.com. The site contains a number of pirated copies of popular software titles and works by putting up a fake prospect of being an online store offering cheap products. Users are then attracted to the ‘cheap’ product and so enter in their details where the attackers take away what they need.
Other attacks have been seen from a group called ASProx which is a botnet, injecting malicious links into ASP WebPages that have been incorrectly configured. Searches that have been made for terms like ‘used corvette parts’ have returned results pointing to a page that has redirected users to ads-t.ru that has attempted to serve a hostile Adobe Flash file which installs malware onto computers.
Researchers have reported that Google has more than 3.2 million results containing sites with malicious script and its rival Bing showing 188 million results. Those figures reduced significantly for the same search terms after many blogs and warning were posted across the internet. The attacks only reveal just how intricate the role of search engines, domain name registrars, webhosts and websites play in the potential for scamming a large number of people.
The problem also arises when the web pages that have been compromised are found to be hosted by legitimate websites, which appear to have administrators who have not been careful. Some of the victim websites have included Stanford University, Official Webby Awards site and the official website for 1980’s musician Bryan Adams. It has been said that the attackers would not compromise these sites if Google did not feature them as prominently in their results.
Currently Google use algorithmic and manual techniques to pinpoint the scammers and removing them immediately. However, the difficulty lies in these criminals finding new ways to compromise web pages and thus constantly succeeding in tricking Google and other small search engine programs. Nevertheless, Google and Microsoft’s security team are continuing in their efforts to prevent and remove malicious links from their search results flagging sites as they go along.
To see more in-depth information on how these rogue activities are effecting search results read the following blog post from Unmask Parasites when they demonstrate the extend of the issue and how users and search results are being maniplucated.
Leave a Reply