• On CBS.com: Best of CBS with clips, full episodes
advertisement30% off Inspiron laptop purchases

April 27, 2007 5:42 PM PDT

Google pulls malicious sponsored links

By Joris Evers
Staff Writer, CNET News

Google pulls malicious sponsored links
Related Stories

Web threats to surpass e-mail pests

 April 24, 2007

Web attackers get better at hiding

 April 18, 2007

Super Bowl stadium site packed Trojan horse

 February 2, 2007
Google has removed paid links that advertised seemingly legitimate Web sites but actually tried to install nefarious programs on PCs.

The links were displayed as "sponsored links" after visitors entered specific queries into Google's search service. Clicking the links would ultimately go to a legitimate site, but by way of another site that attempted a "drive-by installation" of password-stealing software. Miscreants placed the links using Google's AdWords service for advertisers.

"Google identified and canceled AdWords accounts displaying ads that re-directed users to malicious sites," a company representative wrote on a corporate blog on Thursday.

The malicious links appeared after people searched for terms related to the Better Business Bureau and cars, according to Exploit Prevention Labs, a security company. All the paid-for links masqueraded as legitimate sites and redirected Google users to the actual sites after sending them to smarttrack.org, which served up the malicious code, Exploit Prevention Labs said.

"We detected about 20 different search strings that resulted in links to smarttrack.org," said Roger Thompson of Exploit Prevention Labs. "There were multiple ads linking to a single site, a high level of planning, and cunning by the bad guys."

Web threats are on the rise. Security firm Trend Micro predicts that by next year, Internet users can expect more cyberattacks to originate from the Web than via e-mail. The threat hasn't gone unnoticed by the security industry. Tools such as Google's Toolbar for Firefox or Google Desktop, Exploit Prevention Labs' LinkScanner and McAfee's SiteAdvisor can offer protection by blocking known bad sites or rating search results.

Google is looking at its AdWords practices to prevent similar incidents in the future, the company said. "This is an issue we've taken very seriously and will continue to monitor," it said. "We are also evaluating our systems to ensure that the appropriate measures are in place to block future attempts."

See more CNET content tagged:
Google AdWords, Google Inc., link, security

Add a Comment (Log in or register) 8 comments
Finally!
by lonny paul April 27, 2007 10:50 PM PDT
Google has long turned a blind-eye to the many hijinx which people have used to divert traffic, install spyware and other illegitimate schemes.

This is a great example of corporate responsibility and a great stride in the continuing battle against Spyware which I and TigerDirect have fought against for years.

I look forward to Yahoo! and other ad agencies to 'tighten their grip' on what people are advertising when not a good thing.
Reply to this comment View reply
Google
by redhook9 April 28, 2007 4:19 AM PDT
Perhaps cnet and download com will do the same.
Reply to this comment
Google
by redhook9 April 28, 2007 4:19 AM PDT
Perhaps cnet and download com will do the same.
Reply to this comment
Don't see a problem...
by VanceTyler May 6, 2007 9:07 AM PDT
I don't see a big problem here as I hope that a majority of people already have different antispyware and anti-keylogging tools, making stealing of passwords impossible. For those who don't have such tools installed I can only recommend to visit anti-keylogger.org or another site dedicated to anti-keyloggers and download such a tool asap.
Reply to this comment
Powered by Jive Software
advertisement

Latest tech news headlines

Resource center from CNET News sponsors
You Need The Speed of Norton 2009
Introducing Norton Internet Security™2009

Click Here!
With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

Click Here!
The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement

Inside CNET News

Scroll Left Scroll Right
News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
Best hybrid cars
Cell phones
Dell
GPS
CNET sites
CNET TV
Downloads
News
Reviews
Shopper.com
Site map
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET