iPad search turns malicious
In an interview with CNET, Don Debolt, CA's Director of Threat Research, warned about "black hat search optimization" - a scam whereby hackers take advantage of security flaws in blogs and other sites that use PHP to imbed popular search terms like iPad to trick search engines into directing people to compromised legitimate sites that may have nothing to with the subject matter at hand. If someone clicks on the link to a page on that infected site they are then redirected to a malicious site which can implant malware on their machine or tempt them to install a rogue security product.
But the security agencies say that this has to do nothing with iPad at all. Even earlier popular searches have been targeted by hackers before like Michael Jackson and Jessica Beil. Google has a trends page that shows hot topics and hot searches. On Thursday afternoon the iPad was represented four times on the top-10 list. "Obama State of the Union" led the list.
The entire process is automated, said Debolt. "We found that it's a very systematic and programmatic process right now," Debolt said. The attackers, he said, are using software to query search engines to find out the popular search topics and then "feeding that information into compromised web sites so that those compromised sites and the content they put on those sites get indexed by the search engine bots." To the end user it looks as if those sites have relevant content but when you click on those pages, you are immediately taken to another site that has the malware.
Debolt warns people to be careful if a search engine points to a site where "the root domain of the URL doesn't have any type of affiliation of the topic or is not an information portal you're familiar with."
Experts on SiliconIndia
Post your Comment
All form fields are required.