For the past several months I’ve been watching closely, as the pace of Blog and Internet Forum debate has been escalating regarding fake search engines results and malware.
Recent news on this issue from Panda Security’s Oxygen 3 E-bulletin on IT security, indicates that Cyber-crooks are unrelenting in their chase to infect web search results. According to Panda “there is a steady increase in the use of custom-built websites designed to drop malicious code on computers, or even the manipulation of legitimate pages in order to infect users with malware.”
It was reported recently that fifteen thousand web pages were infected daily between January and March of this year; three times the rate of infection noted in the previous year. More disturbing, seventy nine percent of compromised web pages tracked this year were on legitimate web sites; including web sites belonging to Fortune 500 companies, government agencies and ironically, security vendors.
PandaLabs maintains that cyber-crooks have begun to opt for a new technique: the manipulation of search engine results, or seeding websites among the top results returned by these engines. When a potential victim visits one of these sites the likelihood of the downloading of malicious code onto the computer by exploiting existing vulnerabilities is high.
There are several ways that this can occur. Cyber-crooks can exploit vulnerabilities on the server hosting the web page to insert an iFrame, (an HTML element which makes it possible to embed another HTML document inside the main document). The iFrame can then activate the download of malicious code by exploiting additional vulnerabilities on the visiting machine.
Alternatively, a new web page can be built, with iFrames inserted, that can lead to malware downloads. This new web page appears to be legitimate.
Another method is the insertion of false dialogue boxes, fake toolbars, and more on sites; all designed to load destructive malware which could include rootkits, password stealers, Trojan horses, and spam bots.
So what can you do to ensure you are protected, or to reduce the chances you will become a victim?
As I have pointed out in the past, the following are actions you can take to shield your computer system from malware infections:
- Install an Internet Browser add-on such as WOT which provides detailed test results on a site’s safety; protecting you from security threats including spyware, adware, spam, viruses, browser exploits, and online scams.
- Don’t open unknown email attachments
- Don’t run programs of unknown origin
- Disable hidden filename extensions
- Keep all applications (including your operating system) patched
- Turn off your computer or disconnect from the network when not in use
- Disable scripting features in email programs
- Make regular backups of critical data
- Make a boot disk in case your computer is damaged or compromised
- Turn off file and printer sharing on the computer
- Install a personal firewall on the computer
- Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
- Ensure the anti-virus software scans all e-mail attachments
Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.
The free software listed below, in my view, provides better than average malware protection.
This anti virus app is a real fighter, scanning files on demand and on access, including email attachments. Let’s you know when it detects mal-ware through its shield function. An important feature is a boot-time scan option which removes mal-ware that can’t be removed any other way.
In my view, Ad-Aware 2007 Free is the best free spyware and adware remover available. It does a relatively good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version; real-time protection is not included.
ThreatFire 3 blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. Highly recommend this one!
The definitive free firewall, Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I have been using this application for 6 months and I continue to feel very secure. It resists being forcibly terminated and it works as well, or better, than any firewall I’ve paid for. This is one I highly recommend. Amazing that it’s free!
Do you want to get a better understanding of what programs are being added to your computer? Then WinPatrol is the program for you. With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.
Surfing the Internet without using Sandboxie is, to me, like jumping out of an airplane without a parachute. Deadly! This application creates a “Sandboxed” protected environment on your machine within which you browse the net. Data that is written to your hard drive is simply eliminated, (or not, your choice), when the sandbox is closed. Utilizing this application allows you to surf the web without the risk of infecting your system with mal-ware or other nasties. This is another security application I have been using for over 6 months and it has yet to let me down. Highly recommended.
Snoop Free Privacy Shield is a powerful application that guards your keyboard, screen and open windows from all spy software. I have been using this application for quite some time, and I have been amazed at the number of programs that have requested access to my keyboard and screen; particularly, programs that I am in the process of installing. If you’re serious about privacy, this is a must have addition to your security toolbox.
11 responses to “Malware by Proxy – Fake Search Engine Results”
Pingback: » Malware by Proxy - Fake Search Engine Results
Pingback: XP users: Service Pack 3 released (finally) « Tech–for Everyone
Great article Bill!
I use Ad aware 2007 and run it regularly as it does an excellent job at finding adware. Highly recommend it.
Pingback: dx engineering
Pingback: proxy search
Pingback: installing front page server extensions
Feel free to browse the internet at school with neatproxy.com to unblock websites like Myspace, Bebo, Facebook, Friendster, hi5 and more!
Thank you for good information~~*
Please comeback to visit my blog too : http://about-spysoftware.blogspot.com/
I’m sorry , If you think this is spam. but may i thank you again.
Pingback: active x download
Pingback: make frames html
Pingback: Trusted Web Sites – An Oxymoron? « Bill Mullins’ Weblog – Tech Thoughts