Print 8 comment(s) - last by RyanHirst.. on May 1 at 2:51 AM

Cyber criminals purchased legitimate-looking links which attempted to install malware onto unsuspecting systems

Google recently admitted that hackers successfully hijacked AdWords, which allowed cyber criminals to use affected links to redirect users to web sites that contained malicious software.  Google immediately shut down the offending links once they were discovered early last week.

At least 20 specific search terms that appeared on Google as legitimate ads, redirected users to, which distributed the malicious code.  Users were sent to the legitimate site thereafter the damage was done.

The flaw appears to only have affected users of the Microsoft Windows XP operating systems.  The web exploit was discovered by Exploit Prevention Labs, a security firm.  They said they found the threat earlier this month when searching the phrase “how to start a business.”  One of the hyperlinks related to the search term led to a site that attempted to install a keylogger.

"This is an issue we've taken very seriously and will continue to monitor.  We are evaluating our systems to ensure that the appropriate measures are in place to block future attempts," Google said.

It is unknown how many people were affected by the exploit. The Mountain View-based company declined to disclose which search terms were involved.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

CPC Affiliates
By James Holden on 4/30/2007 5:29:40 AM , Rating: 5
About 3 months ago I quit my job to focus on my lucrative hobby optimizing Google Adwords campaigns. It's easy: get a cost-per-click portal with someone like Amazon, then send the links into Google Adsense with bids lower than the affiliate payout. The trick really is just finding places where the CPC is lower than the Google bid.

The fact that these guys were pumping out Malware to do the same doesn't surprise me at all. Adsense is virtual Deadwood - you can do just about anything you want until you get caught. And even then, it takes about 10 minutes to sign up for a new account.

I don't see this business model continuing forever. There is already a tight community that dominate the correct keywords. Trying to buy words like "DUI Laywer New York" is as much as $10 per click, but believe me none of those attorneys are the ones you want!

Having a user-driven ad system begs for exploitation. I have a feeling this will become a hot topic this year.

Non Sequitur
By RyanHirst on 5/1/2007 2:51:58 AM , Rating: 3
Regarding the ad placed squarely in the center of this news piece. I know it's an ad. I know they can say what they want. Still, this statement keeps looking at me, and it's irritating: "You can cure tired."

You cannot.

But you CAN buy chocolate hazelnut whipped cream.

So. To sum up:
Cure for tired: No.
Chocolate hazelnut pu- ah... I mean whipped cream: Yes.

Draw conclusions as you see fit.
Carry on

Even though it was 3am when you posted...
By Etsp on 4/30/07, Rating: -1
By Bull Dog on 4/30/2007 4:20:08 AM , Rating: 2

new word eh?

RE: Even though it was 3am when you posted...
By BladeVenom on 4/30/2007 4:44:08 AM , Rating: 2
Or maybe it should be cybersimians.

RE: Even though it was 3am when you posted...
By Christopher1 on 4/30/2007 4:59:08 AM , Rating: 2
I agree with that sentiment. I'm really getting tired of these 'drive-by' attacks, which seem to be happening more and more and more as the days go by.

Amazingly, thus far I have not been hit ONCE by a really nasty hijacker or virus, except for Zlob which I blame on myself for installing it thinking it was a codec.

RE: Even though it was 3am when you posted...
By Rotkiv on 4/30/2007 5:52:43 AM , Rating: 2
I am glad I am not the only one fooled by Zlob

btw, why cant I change the subject?

By Macuser89 on 4/30/2007 6:26:01 AM , Rating: 2
^^you clicked reply. Post comment changes the subject.

"When an individual makes a copy of a song for himself, I suppose we can say he stole a song." -- Sony BMG attorney Jennifer Pariser

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki