Hackers attack search engines – users get infected

Users utilize search engines and watch online videos all the time. As two of the top Internet activities users rely on a daily basis, hackers managed to inject specially crafted sites and fake YouTube pages into main stream search engines (with high ranks) to lure innocent users into their virus infested sites.

For example, search results for strings such as videos of reality TV celebrity Teresa Guidice, British actress Holly Davidson, and the BP oil spill were found to initially lead to YouTube-like pages before displaying the all-too-familiar fake malware infection warnings.

How It happens

 

1. Here’s an example of  poisoned search results :

 

 

 

 

 

 

 

  

 2. Users click on one of the poisoned search results, and will get a fake youtube page (which has malicious code).

 

 

 

 

 

 

  

 3. User’s system gets infected, and will get a Fake malware infection warning.

 

 

 

 

 

 

 

 

  

 4. Another variance is similar to a previous alert we published regarding a download of Adobe Flash plater installer.

 

 

 

It also seems that hackers put in specific details into this new trickery. Not only did they use a convincing interface for the fake Adobe installer, they also used a URL that strongly suggests that it is an Adobe related site.

 

 

 

 

 

ARX Networks engineers are continuously updating existing clients with the latest security patches, and communicating the latest vulnerabilities to all users.

If you have any question related to this article, please contact us directly.