Panda Security Warns of Malware Specialized Search Engines

(Courtesy of Panda Security) – Cyber-criminals create specialized search engines leading users to malicious websites

pandasecurity_logo PandaLabs, Panda Security’ malware detection and analysis laboratory, has observed how cyber-criminals are starting to use their own search engines to lead users to malicious pages, often created for distributing malware.

This new trend underlines how cyber-crime is becoming increasingly professional. Previously, cyber-crooks would use malicious SEO (Search Engine Optimization) or “blackhat SEO” techniques to improve the ranking of their pages among popular search engines. Now they are beginning to use their own search engines which lead users directly to pages designed to infect or defraud them.

One such malicious search engine, detected by PandaLabs, has already received around 195,000 visits.

These search engines operate as follows: When users enter a word to find, the engine returns just five or six results. Clicking on any of these results will redirect the user to a Web page created specifically to distribute malware. The pages may include content such as pornographic videos, which ask users to download the latest version of “Web media player” in order to watch the clip. However, the file downloaded is really the adware WebMediaPlayer. These pages are also being used to distribute fake antivirus programs. You can see an image here: http://www.flickr.com/photos/panda_security/3504323344/

This technique is known as social engineering, and basically involves infecting users by enticing them to click a link or run a malicious file.

“We started searching for words and issues frequently exploited by cyber-crime, in this case swine flu, or celebrity names such as Britney Spears or Paris Hilton and this took us to pages created to distribute malware. But then we found that even searching for our own names would throw up results that were really malicious pages,” explains Luis Corrons, Technical Director of PandaLabs. “Strangely though, there is the occasional normal result among all the malicious ones. Perhaps this is to bolster the illusion that this is a genuine search engine”.

To avoid falling victim to these attacks, PandaLabs advises users only to use trusted search engines, and to be wary of websites offering sensational videos or unusual stories.

“If on this kind of website you are asked to download a codec or any other kind of program to watch videos, there is a strong chance that it is really malicious code”, warns Corrons.

For images illustrating this new trend, click here: http://www.flickr.com/photos/panda_security/tags/adwarewebmediaplayer/

There is also further information on the PandaLabs blog: http://pandalabs.pandasecurity.com/archive/Swin-flu-and-the-Blackhat-SEO-techniques.aspx

Tell us about your malware experiences and win 2 months’ Panda Internet Security 2009 services free http://www.pandasecurity.com/homeusers/media/malware-stories/

You can receive the Panda Security news automatically by adding this URL (http://feeds2.feedburner.com/pandasecurity) to your feed reader.

For up-to-date computer security news go to the Panda Security Twitter.

Note: It’s unusual for me to post an article directly from another site. In fact, I think this is the first one, but in this case I have made an exception since the topic is so important. BM

3 Comments

Filed under Don't Get Hacked, Interconnectivity, Internet Security Alerts, Malware Advisories, Safe Surfing, System Security, Windows Tips and Tools

3 responses to “Panda Security Warns of Malware Specialized Search Engines

  1. Jesus Jumpin’ Jehoshaphat… what next?

    I’m getting ready to disconnect from the Internet period! How bad are we going to let this get?

    • Bill Mullins

      As you and I found out this week dealing with malware issues on Windows 7, this is just the tip of the Iceberg. Unless substantial, enforceable penalties are enacted, and these criminals tracked down and prosecuted, this situation will just get worse.

      What I want to know is – where is John Wayne when we need him? The Duke would just get up a posse, and hang these jerks from the nearest tree!

      Bill

  2. Hmmm… There is a distinct appeal to that idea, isn’t there?

    I can tell you that every client of mine who came to me for help with a malware infection would gladly join the posse!

    … anyone who had their bank account drained…

    Trouble is, finding, and getting to, these guys. Perhaps instead of the posse idea, we use the Bounty Hunter idea?