Thursday, May 6, 2010

Google attack on fake antivirus software websites.

Within last 13 months Google analysed nearly 250 million website and found that fake antivirus websites accounts for more than 15 percent of total malicious attack.

Cyber criminals are using more and more sophisticated tactics to trick unsuspecting PC users in to downloading and installing applications laced with malicious code, which, when activated, they gives hackers "back door" access to a computer and personal stuff within it. This allows criminals to use the machine to send spam emails, or to try and capture personal information and login details for online banking and email accounts.

Fake antivirus--false pop-up warnings designed to scare money out of computer users. "Once it is installed on the user system, it's difficult to uninstall, you can't run Windows updates anymore or install other antivirus software, and you must install the [operating] system," rending it unusable until it has been cleaned up.

More than half of the fake antivirus software - which predominantly targets MS Windows machines - was delivered via adverts, Google said. Graham Cluley of security firm Sophos, who has been involved in the studies, said that one of the key ways that hackers spread fake anti-virus was so-called black hat search engine optimisation techniques.

"They then create websites stuffed with content, which in many cases appears on the first page of search engine result pages (SERP)." Anyone clicking on the link, would be confronted with a pop-up with a link of fake antivirus program. Google uses tools to filter out booby-trapped websites, but the firm said that hackers were managing to avoid detection by moving between domains quickly.