Internet search for Heath Ledger leads to infected websites
January 2008 by G DATA
It should be commonly known that malware authors use a whole bunch of tricks to attract their potential victims. It should also be known that current events from everyday life act as a bait. A particularly tasteless example shows how unethically attackers are acting, abusing late celebreties in order to lure as many "visitors" as possible towards their infected websites.
Only a few hours after the news of Hollywood star Heath Ledger’s death had appeared in the media, the first number of infected websites came up. Particularly dangerous: When entering the appropriate keywords such as "heath" and "ledger" in Google, a large number of these particularly prepared websites show up among the search results. Clicking onto one of these search results leads to a fake error message within the users’ browser, urging them to install a new ActiveX object. A single careless confirmation click of this request will end up with a variety of malware infections on the victim’s PC.
Once again the E-crime-society’s perfidious and down-and-dirty approach of jumping onto the bandwagon of breaking news and being part of the game by interspersing specially prepared websites into the search engines’ search results, becomes clear. This offers the prospect of an attractive booty since potential victims are quite likely to be reading up on topics with a high media presence.
Users of security products should update their signatures in order to be protected against such sneaky attacks. To seal off the Internet browser as a potential penetration vector, the local HTTP scanner, which is contained in all G DATA security products, should be active.