• Total Posts: 28057
  • Total Topics: 8056
  • Online Today: 1021
  • Online Ever: 51419
  • (01. January 2010., 09:27:49)

Author Topic: Rogue Antivirus Lurks Behind Google Doodle Searches (malica, Doodle, Zamenhof)  (Read 1149 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Administrator
  • *****
  • Posts: 7152
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum

In Esperanto the word is "malica." It means malicious and it's the best way of describing many of the search results Google visitors got Tuesday when the clicked on Google's front-page Doodle sketch, dedicated to Esperanto's creator.

It's the latest example of just how good scammers have become at manipulating Google search results. For months now, they've followed Google's Trending Topics section and then used search engine optimization techniques to push hacked Web pages up to the top of Google's search results, security experts say.

They do this by flooding hacked pages with keywords that are then recorded by Google's search engine.

Hackers have several ways of getting their code on legitimate Web sites -- lately they've focused on stealing FTP login credentials, according to Dave Michmerhuizen, a research scientist with Barracuda Labs.

The hacked sites that pop up when one clicks on Tuesday's Google Doodle include a hair salon in New Jersey, an Texas tree company, and a science fiction group.

On Tuesday, clicking on the illustration on Google's front page commemorating the 150th anniversary of the birth of Esperanto's creator L. L. Zamenhof, generated an awful lot of malicious search results -- taking visitors to dodgy advertisements or pages that tried to trick visitors into thinking their computers were infected and paying for fake antivirus software.

These results remained steadily in the top 5 to 10 search results for people who clicked on the Google doodle link today, and often filled up about half of the first few pages of results, Michmerhuizen said.

"I see this all the time," he said. "Poisoning a trend is nothing new, but in this particular case, it's a search where you actually click on Google's logo and you get results back from sites where half of the links have been compromised."

Google could not be reached immediately for comment on this story.


Samker's Computer Forum -


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising