USA Today reported this week that scammers and malware creators are trying to exploit fans’ eagerness to get information, clips and so on related to the new movie – even more so if it is free – by corrupting Google search results.
When fans click on the search results that have been corrupted they are directed to a number of blogposts and chats with the promise that they can watch the movie in full for free.
The links take users to images from the movie itself and then to a page where they can view the movie after they have downloaded a free video player, Streamviewer.
And here the problems begin.
When the download begins, a Trojan downloader is installed on the user’s machine. This is a standalone program that attempts to download and run other files from remote web and ftp sites without the user’s knowledge or approval. This gives the bad guys an opportunity to install whatever spyware and malware they want on that machine. Although the primary intention is that the user downloads a piece of rogueware (which they have to pay remove), similar attacks mean that the infected machine can become part of a botnet.
Targeted attacks are becoming extremely common lately as the bad guys focus on users’ interests or browsing habits. Movie fans, music lovers and online shoppers are easy targets and users need to be vigilant especially in the run-up to the holiday season.
Spammers create lists of the most common search words or phrases, such as Google’s top 100 searches, and then do their best to increase search rankings so that their poisoned URLs are among the top 10 or 20 results.
When a user clicks on a result that is not real, they are redirected to hijacked sites where they are either asked to download files or asked for their details and so on.
These types of attacks are expected to increase over the next few weeks as more and more people shop online and carry out searches for information on the goods they need.
According to a study published by ISACA, a non-profit association of IT professionals, the most prolific shoppers are those in the 18-24 age bracket, and 40% of those in this bracket said they will spend up to five hours doing online shopping from their desks.
Businesses need to pay particular attention during the holiday season. Not only will employees be wasting time shopping online on Cyber Monday (last year the National Retail Federation said 55% of workers with Internet access said they planned to shop online) but they are also a prime target for attacks similar to the one I described above.
Apart from educating employees that they need to be careful and not click on suspicious links or accept file downloads, businesses should ensure that their anti-virus software is up to date, all machines are patched and they have the means to block access to sites and downloads that could result in malware infecting a user’s machine or the whole network.