ebuzz - Get Your IE Patches Now!

Get Your IE Patches Now!

The last week in November was a busy one chez Google, as the megacompany grappled with the most massive case of SEO poisoning seen to date. The attack was directed at Google in particular and resulted in tens of thousands of web pages hosting malware results showing up on the first page of Google searches for thousands of common terms, many of them, according to the BBC, coming up for search terms such as “hospice” and “Christmas gifts.”

“This was fairly epic,” said Alex Eckelberry, head of Sunbelt Software, one of the firms that uncovered the attack. Eckelberry added that tens of thousands of domains, many based in China and only a couple of days old, were used in the attack. Yahoo!, Microsoft Live Search, and other sites indexed the results, but they were coded to only show up through Google.

Websites loaded on these domains were booby-trapped with malicious software that looked for vulnerabilities in copies of Microsoft's Internet Explorer used to browse them. "If your machine was not fully patched you were going to get hosed," said Eckelberry. “This is not going to go away.”

An article by Gregg Keizer in ComputerWorld Security noted Google’s response – or lack thereof:

Ironically, Google itself refused to confirm or deny that it had cleansed its index of the more than 40,000 malware hosting sites, or even that they had existed. "Google takes the security of our users very seriously, especially when it comes to malware," a company spokeswoman said today in an e-mail. "In our search results, we try to warn users of potentially dangerous sites when we know of them. Sites that clearly exploit browser security holes to install software, such as malware, spyware, viruses, adware and Trojan horses, are in violation of the Google quality guidelines and may be removed from Google's index."

She did not, however, answer questions about how long it takes Google to purge its search index or whether it has countermeasures that are supposed to keep sites from gaming its ranking system.

Security firm Trend Micro also discovered a series of booby-trapped sites aimed at Christmas gift shoppers. "Some of the top rated hits are leading to the malicious sites," said Raimund Genes, chief technology officer at Trend Micro. Genes said the booby-trapped websites tried to exploit several different vulnerabilities in Microsoft's web browser. The sites also attempted to stop the malicious software being spotted by intermittently scrambling the package before it downloads.

The problems intrinsic to using Internet Explorer as one’s web browser of choice have been documented many times in the past – some of them in this column – and this is no exception. The solution? Since IE appears to be here to stay, it would be useful for Google to have its crawlers automatically check pages for malware as they crawl.

And that's our take on the news today!

Click here to return to eBuzz Archives