Hackers reached web search results
Date: March 13, 2005Source: Vnunet.com
By:
Hackers are increasingly using websites rather than email attachments to spread malicious code, security watchers have warned.
In its six-monthly Web Security Trends Report, Websense noted that online criminals may be subverting search engines in a bid to direct unwitting internet users to web pages containing malware.
The report states that, as increasing numbers of companies are blocking email attachments at the firewall, hackers are embedding code in web pages. To try and persuade users to visit websites with the code installed they are trying to get them ranked highly in search engine results.
"[We] believe that an increase in 'poisoning' search results and DNS servers from the most popular search engines is possible," said report author Dan Hubbard, senior director at Websense.
"In this scenario, attackers ensure that their sites appear high in the return lists of queries. When users visit those sites, they are infected. For example, in a search for anti-spyware a list of sites infected with spyware might actually top the list."
Add comment Email to a Friend