Webroot® Threat Advisory: Hackers Using Real Headlines to Attract Users to Fake Blogs

Top Searches in Google Trends Labs Being Used to Increase Search Listings for Malware Infected Blogs

Boulder, Colo., October 01, 2008

Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, today announced that it has detected a new technique being used by hackers to lure PC users to fake blog sites containing malware.

“For the first time, hackers are capitalizing on the top news stories from Google Trends Labs, which lists the day’s most frequently searched topics, which can include news of the Wall St. bail out or the presidential campaign,” said Paul Piccard, director of Threat Research, Webroot. “These highly relevant news stories and videos are being posted to the hackers’ fake blogs to increase the site’s Google search rankings.”

These fraudulent blogs contain several video links about the news story for which the users were originally searching. Once a user clicks on one of the video links, they are prompted to download a video codec that downloads a rogue antispyware program designed to goad the user into purchasing an illegitimate program that may put their personal information and data at even greater risk.

“Placing malware in video links on fake blogs is not a novel approach,” explained Paul Lipman, Webroot’s senior vice president and general manager of Consumer Business. “However, the fact that these hackers are now manipulating Google’s methods for relevance to increase the ranking of these sites is new and greatly increases the number of people exposed to this threat.”

Webroot recommends several steps to users to prevent this type of malware attack:

1. Always have a current version of antispyware, antivirus and firewall product;
2. Never download free product or purchase them from unknown Web sites and vendors, or peer to peer networks;
3. Download videos and other multimedia files only from known and trusted Web sites or blogs;
4. Make sure the computer is up-to-date by always installing the latest Microsoft or Apple security updates; and,
5. Use a credit card that has sufficient fraud protection when shopping and never use a debit card online.

For more information on being protected online, go to: http://www.webroot.com/En_US/csc.html

ABOUT WEBROOT

Webroot is bringing the power of software-as-a-service (SaaS) to Internet security with its suite of Webroot® SecureAnywhere™ offerings for consumers and businesses. Webroot also offers security intelligence solutions to organizations focused on cyber-security, such as Palo Alto Networks, F5, Corero, Juniper, and others. Founded in 1997 and headquartered in Colorado, Webroot is the largest privately held Internet security organization based in the United States. For more information, visit http://www.webroot.com or call 800.772.9383. Read the Webroot Threat Blog: http://blog.webroot.com. Follow Webroot on Twitter: http://twitter.com/webroot.

©2013 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

Press Room

• Reviews and Awards
• Media Resources
  • Image Gallery
  • Reviewer Information Kit
• In the News
• Press Releases
• Press Inquiries