Computer Crime Research Center


Hacker steals Google links

Date: April 28, 2007

A hacker scheme that involved buying search keywords on Google, then routing users to a malicious site when they clicked on sponsored links, was revealed Wednesday by a security company.

According to Roger Thompson, CTO of Exploit Prevention Labs, the ploy involved sponsored links (the text ads that appear alongside search results on Google) a malicious intermediary, and malware that steals online banking usernames and passwords.

"It’s quite an investment on the bad guys’ part," said Thompson. "Instead of just hacking into sites, they bought keywords."

Those keywords put the criminals’ sponsored links at the top of the page when searches were run for brand name sites like the Better Business Bureau or using phrases such as "betterbusinessbureau" or "modern cars airbags required." But when users clicked on the ad link, they were momentarily diverted to, a malicious site that used an exploit against the Microsoft Data Access Components (MDAC) function in Windows to plant a backdoor and a "post-logger" on the PC.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo