Webroot® Threat Advisory: Hackers Using Real Headlines to Attract Users to Fake Blogs

Top Searches in Google Trends Labs Being Used to Increase Search Listings for Malware Infected Blogs

Boulder, CO – October 1, 2008

Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, today announced that it has detected a new technique being used by hackers to lure PC users to fake blog sites containing malware.

"For the first time, hackers are capitalizing on the top news stories from Google Trends Labs, which lists the day's most frequently searched topics, which can include news of the Wall St. bail out or the presidential campaign," said Paul Piccard, director of Threat Research, Webroot. "These highly relevant news stories and videos are being posted to the hackers' fake blogs to increase the site's Google search rankings."

These fraudulent blogs contain several video links about the news story for which the users were originally searching. Once a user clicks on one of the video links, they are prompted to download a video codec that downloads a rogue antispyware program designed to goad the user into purchasing an illegitimate program that may put their personal information and data at even greater risk.

"Placing malware in video links on fake blogs is not a novel approach," explained Paul Lipman, Webroot's senior vice president and general manager of Consumer Business. "However, the fact that these hackers are now manipulating Google's methods for relevance to increase the ranking of these sites is new and greatly increases the number of people exposed to this threat."

Webroot recommends several steps to users to prevent this type of malware attack:

  1. Always have a current version of antispyware, antivirus and firewall product;
  2. Never download free product or purchase them from unknown Web sites and vendors, or peer to peer networks;
  3. Download videos and other multimedia files only from known and trusted Web sites or blogs;
  4. Make sure the computer is up-to-date by always installing the latest Microsoft or Apple security updates; and,
  5. Use a credit card that has sufficient fraud protection when shopping and never use a debit card online.

©2016 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

Acerca de Webroot

Webroot delivers next-generation endpoint security and threat intelligence services to protect businesses and individuals around the globe. Our smarter approach harnesses the power of cloud-based collective threat intelligence derived from millions of real-world devices to stop threats in real time and help secure the connected world. Our award-winning SecureAnywhere® endpoint solutions and BrightCloud® Threat Intelligence Services protect tens of millions of devices across businesses, home users, and the Internet of Things. Trusted and integrated by market-leading companies, including Cisco, F5 Networks, Aruba, Palo Alto Networks, A10 Networks, and more, Webroot is headquartered in Colorado and operates globally across North America, Europe, and Asia. Discover Smarter Cybersecurity solutions at www.webroot.com.