BUSINESS

There's malice in this search

By Priyanka Joshi
August 10, 2006 09:40 IST

A recent WebSense Security Labs report alleges it searched Google to find malicious executables (files which, when clicked, can unleash a virus that can damage your machine) that Google's search engine had indexed and was able to collect thousands of pieces of malicious binaries (executables) - mostly posted to newsgroups with false names that would normally trick a user.

The security firm also found several pieces of spyware on poker and casino sites. Variants of the Bagel, and Mytob worms, various trojans and many other malicious binaries were also detected.

Dan Hubbard, security & technology expert at Websense Security Labs says, "While we do not believe that Google is indexing binary (executable) file contents, it is proof enough of the rise in Web sites being used as a method of storing and distributing malicious code."

Google comes in for special mention simply because almost 50 per cent of the searches are done using it. A search on engines like Yahoo and MSN is likely to deliver similar results.

While MSN could not be reached for a response, a Yahoo spokesperson said: "We are a search engine and our job is to throw up results to the users. Once the user clicks on the link, he is out of our purview."

Searches apart, there's a lot of phishing too. For instance, Gmail users were greeted with the Gmail login page (phisher produce a replica of the original) - "You won $500.00!" The message conveyed is that the prize money will be delivered to an e-Gold, PayPal, StormPay, or MoneyBookers' account.

Users are informed that this prize money is only available to 'premium members' of Gmail Games. Expectedly, membership to Gmail Games requires a registration fees of $8.60. If not paid, users forfeit their claim to $500 prize money. An easy trap to fall in.

In November 2005, Google faced a similar phishing attempt. It redirected users to a spoofed copy of Google's front page with a message declaring "You WON $400.00 !!!." Instructions directed users to enter their credit card number and shipping address and once the information was gathered, users were re-directed to Google's legitimate website.

Surendra Singh, head (South East Asia & India), WebSense sees this as a natural progression to online threats.

"Polymorphism and obfuscation techniques have been used for a long time by malcode/virus writers, to thwart AV software, but not in this way," he says.

Kartik Shahani, director (Sales) for India & SAARC, McAfee, however, reserves his judgement: "...We are over reacting. Generically, phishing is deceit and spoofing that requires a recipient to react. This calls for people to be aware and alert. There will always be ways and means to attack and no security can be 100 per cent safe."
Priyanka Joshi
Source:

NEXT ARTICLE

NewsBusinessMoviesSportsCricketGet AheadDiscussionLabsMyPageVideosCompany Email