Security

Scammers Target Googlers with Trojan Attack

Prone to typos? Beware. Hackers have revived a once common scam in which they use a URL that contains a misspelled real site to spread malware. The latest targets Google users with the misspelled “www.googkle.com.”

Users can’t check it out, even out of curiosity, anymore because it has already been taken down, Mikko Hypponen, director of anti-virus research, F-Secure, told TechNewsWorld.

In the past, users of MSN.com and CNN.com have also been targeted by scams like this. F-Secure, a security firm in Finland, first broke the news of the Trojan this week.

Wide Range of Malware

Hypponen said going to the site was quite dangerous because of the range of malware that resulted and the fact that it would be automatically downloaded to the PC of anyone who visited the malicious site.

“Your PC would completely automatically end up taken over by a wide variety of keyloggers and spyware,” he said.

That malware includes Trojan droppers, program that drops Trojan horses or back door Trojans onto computers; Trojan downloaders, which secretly download more malware; backdoors, a proxy Trojan, an application that allows remote hackers to access the Internet through an infected computer; and a spying Trojan, which allows a hacker to monitor user’s activities — including keystrokes — on an infectedcomputer.

The scammers also included a few adware-related files. The site also blocked access to anti-virus updating.

Don’t Fall Prey

Aside from double-checking all typing, Hypponen recommended using bookmarks or avoiding Internet Explorer to prevent accidental exposure to sites such at this one.

“This Web site, as well as a few related Web sites are owned by people with Russian names. Also several malicious files that are downloaded from these Web sites have Russian texts,” F-Secure said on its site, adding that it had reported the scam to authorities.

The scam is a sign of the ever more invasive attempts by scammers to find a way into PCs, one analyst said.

“This is a continuation of a trend of increasing spyware infection in the industry,” Ed Moyle, president of SecurityCurve, told TechNewsWorld.

“Spyware vendors, to keep pace with both users’ increased awareness of spyware and the availability of software to protect against it, are seeking ever-more invasive and aggressive ways of distributing their software,” he said. “I think it is only a matter of time before they ratchet the intrusiveness upto the next level.”

2 Comments

  • dear ms. shor-
    i have to say that while i appreciate your article and the fact that you’re warning people about a potential threat, but i was offended by your incorrect and derogatory use of the word hacker.
    criminals have revived a once common scam–not hackers. hackers are curious people. they are explorers. hackers are tinkerers. some hackers are even criminals. but not all criminals are hackers, and all hackers are definately not criminals. the two terms can overlap (apply to the same individual at the same time), but they are certainly not interchangeable.
    a hack is a clever solution or way of doing something. thus, a hacker is one who hacks, or comes up with clever, creative methods.
    it’s not fair to lump all hackers in with the ones who are criminals, too. in the future, i hope you will make the distinction. thank you for your time and your open mind.
    –cid
    <a href="http://cidviscous.blogspot.com">http://cidviscous.blogspot.com</a&gt;

    • Recently the idea of DNS poisoning and googkle.com type hacks are on the forefront of online security. particularly the DNS poisoning is a really dangerous issue. Does anyone know how they are combatting these issues?

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Elon Musk's Dec. 2 action to release The Twitter Files: Approve or Disapprove?
Loading ... Loading ...

Technewsworld Channels