[Intrusions] Google security concern?
Daniel Wesemann
intrusions at wesi.ch
Tue Dec 28 18:20:50 GMT 2004
Empty Floatbag wrote:
>Has anyone else noticed that some seemingly "normal"
>searches on Google return completely unrelated sites
>which attempt to compromise a system through the
>browser?
>
>
Yep, indeed I have noticed. Chasing malware, I've tracked quite a number
of incidents back to a seemingly innocuous search that the user made in
Google. I also concur with your observation that many of these sites
appear to be hosted in Russia/Ukrania. Google Spamming is nothing new,
though, and I doubt if these pages were deliberately added to Google in
order to propagate an exploit. It seems to me rather that the pages were
spammed into Google to toll their "virtues" (usually fleshtone pictures
or mp3/software piracy), and that hosting the exploit is a "3rd party
addition" to the site content as a by-product of sloppy security
maintenance on these boxes.
But I'm all for conspiracy theories :-), so if anybody can help to find
ties between these sites and/or indications of deliberate Google
spamming to propagate an exploit, I'm happy to join the hunt.
-daniel gcia
More information about the Intrusions
mailing list