Black hats poison Google video search
Game for a hack
Miscreants have poisoned Google Video search results in a bid to trick the unwary into getting infected with malware.
Instead of video clips, around 400,000 queries return malicious results, researchers at Trend Micro discovered. These results lead to a single redirection point, which leads on to an array of maliciously constructed websites designed to load malware onto vulnerable Windows PCs. The strain of malware spread using the attack - named AQPlay-A by Trend Micro - poses as an Abode Flash Player update that's supposedly needed to view video content.
Running the software on unprotected PCs leads to infection. The malware is also programmed to spread via removable and network drives.
Hackers behind the attack have been careful to camouflage the assault. Trend Micro reckons the VXers organising the assault are maintaining a large number of domains, each full of keywords, so that these pages appear high in search results when users enter targeted search queries.
The approach is typical of one type of search engine optimisation malfeasance, but the Google Video attack takes things one step further by incorporating a detection-evasion technique. Only users who are redirected from Google Video are prompted to download the booby-trapped Flash Player executable, Trend Micro warns.
The attack is unrelated to a snafu in Google search on Sunday that briefly resulted in the search giant labelling every site on the internet as infected with malware. Google blames the cock-up on human error. ®
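The article does not say how the malicious pages recognise visitors arriving from Google Video. Assuming the chain is visible as HTTP Referer values in web-proxy logs, this added example (not from Trend Micro or the article) flags Flash-named executable downloads from non-Adobe hosts whose referrer chain starts at video search. The log format and every `*.example` host are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed proxy log lines: client, URL, Referer ("-" if none), Content-Type.
# Every *.example host is a placeholder, not an indicator from the report.
SAMPLE_LOG = """\
10.0.0.5 http://video.google.com/videosearch?q=clip - text/html
10.0.0.5 http://keywords.example/page.html http://video.google.com/videosearch?q=clip text/html
10.0.0.5 http://redirector.example/go http://keywords.example/page.html text/html
10.0.0.5 http://landing.example/flash_player_update.exe http://redirector.example/go application/octet-stream
10.0.0.9 http://landing.example/flash_player_update.exe - application/octet-stream
10.0.0.7 http://video.google.com/videosearch?q=news - text/html
10.0.0.7 http://get.adobe.com/install_flash_player.exe http://video.google.com/videosearch?q=news application/octet-stream
"""
EXEC_TYPES = {"application/octet-stream", "application/x-msdownload"}
SEARCH_HOST = "video.google.com"   # where the poisoned results were served
VENDOR_DOMAIN = "adobe.com"        # the only expected source of a Flash update
MAX_HOPS = 5                       # assumed bound on redirect chain length

def parse(log):
    for line in log.splitlines():
        client, url, referer, ctype = line.split()
        yield client, url, (None if referer == "-" else referer), ctype

def referer_chain(url, seen, max_hops=MAX_HOPS):
    """Walk Referer links back from url; seen maps url -> referer for one client."""
    chain = [url]
    while len(chain) <= max_hops and seen.get(chain[-1]):
        prev = seen[chain[-1]]
        if prev in chain:          # referrer loop: stop rather than spin
            break
        chain.append(prev)
    return chain

def is_vendor(host):
    return host == VENDOR_DOMAIN or host.endswith("." + VENDOR_DOMAIN)

def find_suspect_downloads(log):
    seen, alerts = {}, []          # seen: client -> {url: referer}
    for client, url, referer, ctype in parse(log):
        per_client = seen.setdefault(client, {})
        per_client[url] = referer
        parts = urlsplit(url)
        name = parts.path.rsplit("/", 1)[-1].lower()
        if ctype not in EXEC_TYPES or "flash" not in name or is_vendor(parts.hostname):
            continue
        chain = referer_chain(url, per_client)
        if urlsplit(chain[-1]).hostname == SEARCH_HOST:
            alerts.append((client, url, len(chain) - 1))   # hops back to the search
    return alerts
```

On the constructed log only the first client is flagged: the direct download with no search referrer and the download from an adobe.com host fall outside the rule.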
The Trojan has been named "Adobe Flash"
I have never seen the point of infecting my computer with the Flash trojan anyway, so I shouldn't be fooled.
As with all updates....
to media players, browser plugins, OS, in fact anything. Download them from the author's official site or other trusted source. Inconvenient? Just a bit. Secure? Not absolutely, but downloading and installing any exe from third parties, especially those punting "interesting videos" is just plain stupid, at least to those in ITspace*, no matter how desperate one is for the stimulus provided by said punted video.
User education and awareness of such methods would go a long way to mitigating this avenue of attack. I would go as far as to say user education and awareness is probably the only real defence. But I don't see much in the way of information regarding these issues in sheepspace*. The beeb and mainstream newspapers may bleat on about ID theft, the grooming of children and play down the potential impact of government/industry data loss blunders but that's as far as warnings go when it comes to computer related security.
The Internet was designed with resilience in mind not security, it will likely never be secure. (I am in no way smart enough to provide a definitive). So the Internet user has to enforce their own security and they have to know how to do so.
It would only take a weekly round up of ongoing and emerging Web based attacks and what the user can do to identify and defeat/remove them. The last five minutes of every beeb/sky/news channel newscast of a Friday or Monday could be dedicated to such.
The virtual reality, the pizza demographic, the selective intelligence, the realm of the BOFH.
The sanitised reality, the mean demographic, the collective intelligence, the realm of the censor.
These spaces are not mutually exclusive.
Abode Flash Player?
If people don't spot the difference between Abode and Adobe, who is to blame...?