Webroot® Threat Advisory: Hackers Using Real Headlines to Attract Users to Fake Blogs

Top Searches in Google Trends Labs Being Used to Increase Search Listings for Malware Infected Blogs

Boulder, CO – October 1, 2008

Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, today announced that it has detected a new technique being used by hackers to lure PC users to fake blog sites containing malware.

"For the first time, hackers are capitalizing on the top news stories from Google Trends Labs, which lists the day's most frequently searched topics, which can include news of the Wall St. bail out or the presidential campaign," said Paul Piccard, director of Threat Research, Webroot. "These highly relevant news stories and videos are being posted to the hackers' fake blogs to increase the site's Google search rankings."

These fraudulent blogs contain several video links about the news story for which the users were originally searching. Once a user clicks on one of the video links, they are prompted to download a video codec that downloads a rogue antispyware program designed to goad the user into purchasing an illegitimate program that may put their personal information and data at even greater risk.

"Placing malware in video links on fake blogs is not a novel approach," explained Paul Lipman, Webroot's senior vice president and general manager of Consumer Business. "However, the fact that these hackers are now manipulating Google's methods for relevance to increase the ranking of these sites is new and greatly increases the number of people exposed to this threat."

Webroot recommends several steps to users to prevent this type of malware attack:

  1. Always have a current version of antispyware, antivirus and firewall product;
  2. Never download free product or purchase them from unknown Web sites and vendors, or peer to peer networks;
  3. Download videos and other multimedia files only from known and trusted Web sites or blogs;
  4. Make sure the computer is up-to-date by always installing the latest Microsoft or Apple security updates; and,
  5. Use a credit card that has sufficient fraud protection when shopping and never use a debit card online.

©2014 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

ÜBER WEBROOT

Webroot® is the market leader in cloud-based, real-time internet threat detection for consumers, businesses and enterprises. We have revolutionized internet security to protect all the ways users connect online. Webroot delivers real-time advanced internet threat protection to customers through its BrightCloud® security intelligence platform, and its SecureAnywhere™ suite of cloud-based security products for endpoints, mobile devices and corporate networks. Webroot sichert 7 Millionen Konsumenten, 1,5 Millionen geschäftliche Nutzer und 1,3 Millionen mobile Nutzer. Market-leading security companies, including Cisco, F5 Networks, GateProtect, HP, Microsoft, Palo Alto Networks, Proofpoint, RSA and others choose Webroot to provide advanced Internet threat protection for their products and services. Founded in 1997 and headquartered in Colorado, Webroot is the largest privately held internet Security Company in the United States – operating globally across North America, Europe and the Asia Pacific region. For more information on our products and services, visit www.webroot.com.