Web-based Malware II

No sooner did I post about Sophos’ report on web-based malware that I was forwarded the following:

A simple Google search may not always return peaches n’ cream; in fact, even clicking one of Google’s own sponsored ads may result in malicious code being installed on your machine and stolen e-mail and bank account passwords, according to a recent heads up on the Exploit Prevention Labs Blog.

Turns out one of Google’s paid links purportedly going to the Better Business Bureau (and showed at the top of the list on at least two searches, including for the BBB) actually went to a site that installed a backdoor and a post-logger. Google has terminated the account of the site in question, but it’s unknown how many other legitimate-looking sites could be front-ends for malware.


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: