Royal engagement search results poisoned

Posted by   Virus Bulletin on   Nov 17, 2010

Hackers take the shine off Royal couple's news.

It will come as little surprise to those in the IT security industry to hear that within minutes of yesterday's announcement of the engagement of Prince William to Kate Middleton, links to malicious sites had started to appear in Google searches relating to the happy couple's news.

According to the Sunbelt blog a search for 'kate middleton' turned up a poisoned link suggesting the user should download a Firefox update - which of course was a trojan rather than a browser update.

Meanwhile, the Tech Herald reports that, the terms 'prince william engagement', 'kate middleton prince william', 'royal wedding prince william', and other similar variations, all turned up links to compromised sites.

Sophos researchers have also posted a video of a 'kate middleton'/'prince william' SEO attack which spreads fake anti-virus software.

A recent report by security firm Websense suggested that users are now more likely to encounter malicious search results when searching for emerging news stories than when surfing for porn, with 22.4% of all searches for current news leading to poisoned results. With the Royal engagement look set to remain firmly in the media's focus in the coming weeks and months, many more instances of search poisoning can be expected.

Are your end-users aware of the risks of clicking on search engine results? It has long been recognized that the user is the weakest link in the security chain. Learn practical ways to strengthen the weakest link at the VB Seminar 25 Nov, London.

The free VB Seminar takes place at the IET London, UK from 9am to 4pm on 25 November 2010. Secure your place by booking online now.

Posted on 17 November 2010 by Virus Bulletin

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.