Malware writers exploit California wildfires

Malicious pages targeted at users looking for news updates.

A number of malicious web pages have surfaced in an attempt to infect the computers of people seeking news on the California wildfires.

Researchers at security firm Sophos said that the attacks use search engine optimisation techniques to attempt a number of different tricks to infect users with malware.

Tailoring web pages to reflect popular search terms, such as names and locations of the events, allows malware writers to push their pages higher on Google search results. When users search for information on the fires, the seemingly legitimate pages appear as results.

Sophos said that a number of different methods are being used to install malware once the victim lands on the attack pages. Some sites have been using fake security alert messages which instruct the user to download a file, while others offer a video which requires a special 'codec' to run.

In both cases, the download turns out to be a Trojan application which then infects the user with malware.

None of the attack methods is new. Malware writers have been using current events as malware lures for years, and the tracking of popular search terms to target attacks has become a popular tactic in recent months.

"Sadly, hackers follow the headlines with just as much interest as the rest of us, but with more malice in mind," wrote Sophos senior technology consultant Graham Cluley in a blog post.

"It's only natural that concerned members of the public will turn to the internet at a time like this to find out the latest information on a disaster, or will hunt online for the latest maps to see the spread of the inferno."