How The Google AdWords Scam Was Done...

By Tom Foremski - April 28, 2007

Mark Coker, representing Exploit Prevention Labs:

Some cyber criminals opened a Google Adwords
account and ran ads posing as trusted organizations like the Better
Business Bureau. When users clicked on the ad, they were redirected to
a site that installed a post-logger keylogger on their machine (if it
wasn't patched with the lasted MSFT security update).

Exploit Prevention Labs discovered the attack. Roger Thompson CTO at Exploit Prevention Labs posted a video that explains how it was done.

- - -

Apr 27, 2007

Google AdWords attack documented in new video from Exploit Prevention Labs
Security software developer Exploit Prevention Labs today released a video at http://explabs.blogspot.com documenting how cybercriminals are using Google's popular AdWords advertising system to infect unsuspecting users with malware. As the video shows, cybercriminals ran Google ads for legitimate, trusted organizations like The Better Business Bureau. Read more.

Apr 25, 2007

Google AdWords Falls Victim to Cyber Criminals
Researchers at security software developer Exploit Prevention Labs have uncovered hard evidence that cybercriminals are using Google AdWords to infect unsuspecting users with malware. Under the guise of ads for legitimate, trusted organizations like The Better Business Bureau (see screen shot), unsuspecting users are instead redirected to malicious sites that attempt to install exploits and other malware. Exploit Prevention Labs first learned of this new attack vector April 10 when a LinkScanner Pro user ran a Google search on the phrase "how to start a business". The top-ranked sponsored search listing appeared to be from AllBusiness.com, a legitimate business, yet the hyperlink actually led to a site that attempted to install a password-stealing keylogger on the user's PC. LinkScanner Pro blocked the threat and automatically reported the discovery back to Exploit Prevention Labs researchers, who launched an immediate investigation. Read more.

Subscribe in a reader

How The Google AdWords Scam Was Done...

Comments (1)

Post a comment

Comments

Kevin Cimring on Steve Ballmer Warns Financial Crisis Will Impact Tech Sector

Kevin Cimring on The "Experiential Gap" . . . and the Growing Cosmos of Twitter Applications

Sabrina Horn on Thought Leader Interview: - Sabrina Horn Says "Sell Like Hell!"

Tom Foremski on Silicon Valley Heads for Germany as Governor Schwarzenegger Pushes for Cebit Trade Show Alliance

Florian on Silicon Valley Heads for Germany as Governor Schwarzenegger Pushes for Cebit Trade Show Alliance

Bravia on Worth Watching: Silicon Valley Turns Out for Steve Ballmer at Churchill Club

Matt on Worth Watching: Silicon Valley Turns Out for Steve Ballmer at Churchill Club

Tim Cohn on GOOG Founders Could Buy All US Newspapers and Still Have $12bn

adrian Chan on The "Experiential Gap" . . . and the Growing Cosmos of Twitter Applications

Tom Foremski on Silicon Valley Rocks! Charity Event for Local Schools

Tom Foremski on Chris Anderson's PR Blacklist Backlash - The Long Tail of Bad PR

Andrew Pass on Silicon Valley Rocks! Charity Event for Local Schools

Branko Collin on Chris Anderson's PR Blacklist Backlash - The Long Tail of Bad PR

Jeff on Fishwrap: Changing Media and PR . . . Plus a Great Pep Talk

Wallen's on Silicon Valley and Wall Street: We're Not Immune - Here's Why

rawdawgbuffalo on FT Anger on AIG Bailout

Todd Defren on Shift Happens . . . A Visit With One of My Favorite PR Companies

Julie Crabill on Shift Happens . . . A Visit With One of My Favorite PR Companies

Beyondmusic on Silicon Valley and Wall Street: We're Not Immune - Here's Why

Tom Foremski on Silicon Valley and Wall Street: We're Not Immune - Here's Why