Morphing PDFs in new SEO poisoning trick
Harmless documents replaced by web pages containing malicious code.
Researchers at F-Secure have discovered a new SEO poisoning trick in which attackers
put harmless PDFs on a website to raise the site's profile in web searches but, after the site has been indexed
by search engines, replace the PDFs with web pages containing malicious Flash code.
SEO poisoning is a popular trick among malware authors in which they try to get their malicious sites ranked at or near
the top of search engine results, often on searches for key hot topics. In this case, surfers searching for ice hockey
players were led to URLs containing apparently harmless PDF documents.
After some time had passed, the crooks replaced the innocent PDFs with web pages containing malicious Flash code which,
if executed, would install rogue anti-virus software on the user's computer.
Google and other search engines work hard to keep their results clean and accurate but those with bad intentions
are always a step ahead; VB advises users always to exercise caution when visiting links in search results.
More at F-Secure's blog here.
05 March 2010
Tags:
f-secure, google, rogue anti-virus, seo poisoning.
del.icio.us 
digg this
0 comments
