« Tool availability - browser DOM Checker | Main | Swedish Bank Stops Attempt to Take Control of Computer and Transfer Millions »

SEO + Hacked Hosts Rig Google to Deliver Malware

"If last November you googled one of thousands of innocuous and common search terms, such as "Microsoft excel to access" or "how to teach your dogs to fetch," you were in line for an Internet attack that infects PCs with spam senders, password stealers, and other kinds of nasty malware.

Beginning on November 24 and continuing for less than a week, bad guys loaded up more than 40,000 Web pages with malicious software and thousands of common search terms. They then employed an automated network of malware-infected computers--known as a botnet--to link to those sites in blog-comment spam and other places. The mentions elevated the position of the poisoned sites in search results, often to the first page.

The malicious sites had no useful information. Instead, a simple click on a link to such a site in the search results was enough to launch attacks against your PC. If the attack found any of a number of vulnerabilities in a range of programs, it would load." - PCWorld

This is why I suspect search engines will move to a Digg based system (like wikipedia's beta search engine) and sole usage of algorithms for site placement less and less. Sure you can hire people in china/elsewhere to be your click monkey however this is much less effecient than simply utilizing SEO/blackhat SEO methods. Since we know this attack works it will continue to be used until it becomes a massive issue. This affects just about every search engine not just google so don't consider this a problem only google is dealing with. Consider this the first nail in the 'site algorithm only' coffin.

Article Link: http://www.pcworld.com/article/id,141796-c,onlinesecurity/article.html


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!