Hackers Rig Google to Deliver Malware

How to Search Safely

Though this attack was crafty and effective, security experts say there's no need to stop using Google, as long as you take some precautions. Most important: Keep your software patched and up-to-date. The attack sites used a programming kit called the "404 exploit framework," which hits known software vulnerabilities, says Roger Thompson, president of security software maker Exploit Prevention Labs. You can close most of the targeted holes by enabling the automatic-update features for Microsoft Windows, Mozilla Firefox, Apple QuickTime, and other critical software, but you should also update to the latest version of WinZip, a targeted program that doesn't have an auto-update feature.

And don't let your guard down just because your software is current. Attack sites will often employ social-engineering tricks when they can't worm into your PC through software holes. On its blog, Sunbelt provides an image of a common attack pop-up that attempts to trick you into installing a fake video codec that then tries to exploit a vulnerable PC. Your sharp eye can also catch many of these bogus results before you click. Watch for seemingly garbled text such as "vpn passthrough sting maphack light Motorola" in the text snippet shown for each search result. If the listing is for an oddly named page such as "leuwusxrijke.cn/769.html," it could very well be a land mine.

Free downloads such as McAfee's SiteAdvisor and Exploit Prevention Labs' LinkScanner Lite identify potentially dangerous search results with small icons. And the leading commercial security software suites offer browser protection. Keep a close eye on what you click on, too, and you'll keep search paranoia at bay, as Eckelberry has. "I'm a Google fanatic," he says. "I haven't stopped using Google because of this."

Subscribe to the Security Watch Newsletter

Comments