Subscribe in a reader

Since 'the geek shall inherit the earth', this geek is just waiting for his day to rule the world. In the meantime, he is a young Padawan for CNET Asia whilst toying with a myriad of fun stuff disguised as work and pretending to advise companies on tech business and new media strategies. His playmates range from startups, (un)Fortune 500s, to government organisations.
Subscribe to Geekonomics by Email

CONTACT Geekonomics

Now in this geek's bag:

. iPhone 4 32GB
. Kindle Graphite
. Canon Legria HFM32
. Samsung Galaxy Tab
. Algo Tablet
. LG Optimus 7
. Nokia N8
. Sony VAIO VGN-P23G
. Blackberry Bold 9780
. Lenovo Thinkpad W700ds a.k.a. "Chewie"
. Canon PowerShot G11
. Lenovo S10-2
. Jawbone 3rd Gen Bluetooth Headset with Noise Assassin
. Ultimate Ears Triple.fi Pro

Formerly in this bag:
. Lenovo Ideapad U260
. Blackberry Bold 9700
. Nokia N900
. iPhone 3GS 16GB
. Sony Ericsson Xperia X10 mini pro
. HTC Snap
. Plantronics Discovery 975 headset
. Acer beTouch E100
. Zune HD
. Nokia N97 Mini
. HP Probook
. Apple iPod Touch 2nd Gen with Ultimate Ears super.fi
. Nokia BH-902 Bluetooth Headset
. Blackberry 8800
. Nokia N96
. Blackberry Bold 9000
. LG WM6.5 Prototype
. Jawbone 2nd Gen Bluetooth Headset with Noise Assassin
. HTC Touch Cruise
. Lenovo Thinkpad T400s
. Canon Powershot G10
. Lenovo IdeaPad U350
. Canon Digital IXUS 990 IS
. Samsung Galaxy
. Canon Legria FS200
. Canon SX10 IS
. Blackberry Curve 8320
. Canon EOS 5D Mark II
. Canon Digital IXUS 980 IS
. Gigabyte Netbook M912V Tablet
. Lenovo Ideapad S10
. Lenovo Thinkpad X200
. Samsung Innov8
. Samsung Omnia
. Apple iPhone 3G
. Apple iPod Shuffle
. Kohjinsha SX Series
. Kohijnsha SC Series
. Canon Powershot S5 IS
. Canon EOS 1000D
  • 11May

    Search engine results poisoned with links to fake antivirus software have been a constant problem for Internet users. However, it is an effective way for cyber attackers to infect users’ machines. Google recently presented a research paper regarding websites that offer fake antivirus software and part of Google’s research shows that search engine results can lead to such pages. The presentation demonstrates that Google is working hard at preventing these search poisoning attempts.

    According to Symantec’s Report on Rogue Security Software, the culprits of these “toxic” search results are typically scam perpetrators who use

    a range of black hat search engine optimization (SEO) techniques to poison search engine results and increase the ranking of their scam websites on search engine indexes. A rogue security software program is a misleading application that pretends to be legitimate security software, but provides the user with little or no protection. In some cases, it actually facilitates the installation of malicious code that it claims to protect against.

    Symantec has observed search results constantly and generated statistics on the top search trends every hour and determined how many were malicious (within the first 70 Google search results). From the findings, it was observed that hackers have a vested interest in ensuring that their attacks are effective in poisoning Google results, most likely because of its large market share—Google’s breadth and speed of indexing also play a role.

    The key findings identified between March 30, 2010, and April 18, 2010, on Google search results are:

    •    On average at any given hour, 3 out of the top 10 search trends contained at least one malicious URL within the first 70 results.
    •    On average, 15 links out of the first 70 results were malicious for search terms that were found to be poisoned (had at least one malicious URL).
    •    On average on any given day, 7.3% of links are malicious in the top 70 results for top search terms (see Figure 1)
    •    The most poisoned search term resulted in 68% of links leading to malicious pages in the first 70 results
    •    Almost all of the malicious URLs redirect to a fake antivirus page.

    The following graph shows the total number of malicious URLs (red) found in a given day versus total URLs checked (the top 70 results for the top 10 search terms each hour):

    Symantec 20100511

    Figure 1: 7.3% of links are malicious in the top 70 results for top search terms on average on any given day.

    It is apparent that the attackers continue to be effective at poisoning search results. They have an automated infrastructure that is able to automatically collect the latest, most popular search trends and poison the results. Symantec advises you to be careful when clicking on search result links, especially when searching for hot search topics. You can also follow Symantec’s Twitter feed to find out the latest news on Internet threats.

    For more information, please visit Symantec’s Security Response Blog which discussed this issue.

    Share/Save/Bookmark

    Posted by admin @ 3:27 pm

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.