A number of malicious web pages have surfaced in an attempt to infect the computers of people seeking news on the California wildfires.Researchers at security firm Sophos said that the attacks use search engine optimisation techniques to attempt a number of different tricks to infect users with malware.Tailoring web pages to reflect popular search terms, such as names and locations of the events, allows malware writers to push their pages higher on Google search results. When users search for information on the fires, the seemingly legitimate pages appear as results.Sophos said that a number of different methods are being used to install malware once the victim lands on the attack pages. Some sites have been using fake security alert messages which instruct the user to download a file, while others offer a video which requires a special 'codec' to run.In both cases, the download turns out to be a Trojan application which then infects the user with malware.None of the attack methods is new. Malware writers have been using current events as malware lures for years, and the tracking of popular search terms to target attacks has become a popular tactic in recent months."Sadly, hackers follow the headlines with just as much interest as the rest of us, but with more malice in mind," wrote Sophos senior technology consultant Graham Cluley in a blog post."It's only natural that concerned members of the public will turn to the internet at a time like this to find out the latest information on a disaster, or will hunt online for the latest maps to see the spread of the inferno."
Issue: 315 | May 2013
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.