backtop


Print 8 comment(s) - last by RyanHirst.. on May 1 at 2:51 AM

Cyber criminals purchased legitimate-looking links which attempted to install malware onto unsuspecting systems

Google recently admitted that hackers successfully hijacked AdWords, which allowed cyber criminals to use affected links to redirect users to web sites that contained malicious software.  Google immediately shut down the offending links once they were discovered early last week.

At least 20 specific search terms that appeared on Google as legitimate ads, redirected users to smartattack.org, which distributed the malicious code.  Users were sent to the legitimate site thereafter the damage was done.

The flaw appears to only have affected users of the Microsoft Windows XP operating systems.  The web exploit was discovered by Exploit Prevention Labs, a security firm.  They said they found the threat earlier this month when searching the phrase “how to start a business.”  One of the hyperlinks related to the search term led to a site that attempted to install a keylogger.

"This is an issue we've taken very seriously and will continue to monitor.  We are evaluating our systems to ensure that the appropriate measures are in place to block future attempts," Google said.

It is unknown how many people were affected by the exploit. The Mountain View-based company declined to disclose which search terms were involved.


Comments     Threshold


This article is over a month old, voting and posting comments is disabled

CPC Affiliates
By James Holden on 4/30/2007 5:29:40 AM , Rating: 5
About 3 months ago I quit my job to focus on my lucrative hobby optimizing Google Adwords campaigns. It's easy: get a cost-per-click portal with someone like Amazon, then send the links into Google Adsense with bids lower than the affiliate payout. The trick really is just finding places where the CPC is lower than the Google bid.

The fact that these guys were pumping out Malware to do the same doesn't surprise me at all. Adsense is virtual Deadwood - you can do just about anything you want until you get caught. And even then, it takes about 10 minutes to sign up for a new account.

I don't see this business model continuing forever. There is already a tight community that dominate the correct keywords. Trying to buy words like "DUI Laywer New York" is as much as $10 per click, but believe me none of those attorneys are the ones you want!

Having a user-driven ad system begs for exploitation. I have a feeling this will become a hot topic this year.




"I mean, if you wanna break down someone's door, why don't you start with AT&T, for God sakes? They make your amazing phone unusable as a phone!" -- Jon Stewart on Apple and the iPhone











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki