[ISN] MS security centre search poisoned with infectious smut

From: InfoSec News <alerts_at_private>
Date: Tue, 12 Jul 2011 02:29:45 -0700 (MST)
http://www.theregister.co.uk/2011/07/11/ms_security_search_malware_links_poisioning/

By John Leyden
The Register
11th July 2011

Microsoft has disabled the search results on its Security Centre after 
malware-spreaders abused the function to promote shady pornographic 
websites serving Trojans as well as cheap thrills.

Only the Security Section of Microsoft's website was affected by the 
search-engine poisoning attack. Such attacks are often used to place 
scareware portals and the like high in the index of searches for terms 
in the news, such as royal weddings, celebrity deaths and natural 
disasters.

In the case of the Microsoft security search results, only searches for 
a limited range of terms return links to dodgy sites. These search terms 
include "porn" or "streaming" (a much more plausible search term for 
someone visiting the centre and presumably looking for security-related 
information rather than cheap thrills). Many of these sites are serving 
up malware as well as smut, net security firm GFI Software warns.

"Since only specific terms are used, if you search using a different 
term, say 'united nations', you'll get real, normal results," explains 
Alex Eckelberry of GFI Software.

[...]


___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Tue Jul 12 2011 - 02:29:45 PDT

This archive was generated by hypermail 2.2.0 : Tue Jul 12 2011 - 02:32:25 PDT