Google has removed paid links that advertised seemingly legitimate Web sites but actually tried to install nefarious programs on PCs.
The links were displayed as "sponsored links" after visitors entered specific queries into Google's search service. Clicking the links would ultimately go to a legitimate site, but by way of another site that attempted a "drive-by installation" of password-stealing software. Miscreants placed the links using Google's AdWords service for advertisers.
"Google identified and canceled AdWords accounts displaying ads that re-directed users to malicious sites," a company representative wrote on a corporate blog on Thursday.
The malicious links appeared after people searched for terms related to the Better Business Bureau and cars, according to Exploit Prevention Labs, a security company. All the paid-for links masqueraded as legitimate sites and redirected Google users to the actual sites after sending them to smarttrack.org, which served up the malicious code, Exploit Prevention Labs said.
"We detected about 20 different search strings that resulted in links to smarttrack.org," said Roger Thompson of Exploit Prevention Labs. "There were multiple ads linking to a single site, a high level of planning, and cunning by the bad guys."
Web threats are on the rise. Security firm Trend Micro predicts that by next year, Internet users can expect more cyberattacks to originate from the Web than via e-mail. The threat hasn't gone unnoticed by the security industry. Tools such as Google's Toolbar for Firefox or Google Desktop, Exploit Prevention Labs' LinkScanner and McAfee's SiteAdvisor can offer protection by blocking known bad sites or rating search results.
Google is looking at its AdWords practices to prevent similar incidents in the future, the company said. "This is an issue we've taken very seriously and will continue to monitor," it said. "We are also evaluating our systems to ensure that the appropriate measures are in place to block future attempts."
Google has long turned a blind-eye to the many hijinx which people have used to divert traffic, install spyware and other illegitimate schemes.
This is a great example of corporate responsibility and a great stride in the continuing battle against Spyware which I and TigerDirect have fought against for years.
I look forward to Yahoo! and other ad agencies to 'tighten their grip' on what people are advertising when not a good thing.
This is not google's fault any more than it is a newspaper's fault for running an ad for a "10,000" mile "like new" car that ends up having "120,000" miles on it when the buyer gets it.
Once again this is entirely Microsoft's fault for a swiss cheese operating system that allows malicious software like this to be installed. Google shouldn't have to do M$'s work.
I don't see a big problem here as I hope that a majority of people already have different antispyware and anti-keylogging tools, making stealing of passwords impossible. For those who don't have such tools installed I can only recommend to visit anti-keylogger.org or another site dedicated to anti-keyloggers and download such a tool asap.
Google creates an animated doodle that features a boy, a girl, Google's search engine, and a jump rope. But might there be darker, more analytical, more troubling interpretations to this tale?
The Silicon Valley online payments startup grew by 1,000 percent last year and is hopeful it can repeat that level of growth this year. To do that, it's had to move away from its early friends-and-family roots and embrace small businesses.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
This is a great example of corporate responsibility and a great stride in the continuing battle against Spyware which I and TigerDirect have fought against for years.
I look forward to Yahoo! and other ad agencies to 'tighten their grip' on what people are advertising when not a good thing.
Once again this is entirely Microsoft's fault for a swiss cheese operating system that allows malicious software like this to be installed. Google shouldn't have to do M$'s work.