Google blog used to spread malware

Latest example of a bogus blog posting used to spread malware.

A Google-hosted blog is running phony security content that's linked to malware, as well as using Google's automated notification service to try to entice subscribers to click on an infected link, says one security expert.

To trick readers looking for information related to legitimate security products, the blog -- which has been spotted working under the name "Brittany" -- has copied content related to security vendors Symantec, Trend Micro and Aladdin Knowledge Systems, says Ofer Elzam, director of product management in Aladdin's eSafe division.

Elzam says this is the first time his company has seen this type of exploit. An Aladdin employee first spotted the exploit when she received a Google e-mail alert about Aladdin. But she immediately thought it looked odd.

"This alert was about an award from a few years ago, but someone had changed the quote slightly from 2005 to 2008," Elzam says about the Google alert e-mail. "There were other entries there too, related to Symantec and Trend Micro."

Anyone who clicked on links in the Google e-mail alert, or on the Google blog site with the fake security vendor information, would find themselves re-directed to a porn site and subject to attack code that would attempt to load malware onto their machine.

"This is the first time we've seen something like this," Elzam says. "If you get a message from a Google alert, you might think this is a service you can trust. But it's directing you to a rogue site with fake security software. And it's tricking Google, too."

Google's own statement of use associated with its blog service makes it clear that Google is under no obligation to patrol, noting that the Google blog sites "can carry offensive, harmful, inaccurate or other inappropriate material."

Google states in its usage policy that "Google does not monitor the contents of Blogger.com and Blogspot.com, and takes no responsibility for such content. Instead, Google merely provides access to such content as a service to you."

Aladdin's Elzam wonders if other high-tech companies in the network industry are finding their content purloined and their brands manipulated by malicious blog posts intended to fool users into downloading malware.

Tom Gillis, vice president of marketing at Cisco's IronPort division, says he isn't aware of anything similar targeting Cisco this way, but does know the practice of bogus blog postings to spread malware is a growing trend in sophisticated attacks.

"They use a blog to get your attention and then drag you to a Web site for downloading malware," Gillis says. "We're seeing this all the time now."

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ellen Messmer

Network World

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?