Image searches ‘poisoned’ by cybercriminals

by Jeff Hecht, New Scientist

More than 113 million Internet users were redirected to malicious pages due to search engine poisoning in May 2011, according to Trend Micro.

Hackers write code to fool search engines into giving fake results, while search engine companies try to write code to block the hackers, according to Technical University of Vienna researcher Christian Platzer.

Hackers start the scam by gaining access to legitimate Web sites and installing programs that monitor Google Trends for hot keywords. The program then searches for content related to the hot topics and uses the material to automatically generate new Web content of its own. As Google’s bots roam the Web, the malicious program identifies them and feeds them the content from the fake Web pages. Since everything on the malicious site has be specifically chosen to relate to a search topic, the fake Web page and “poisoned” images will usually appear near the top of the relevant search results. When the user clicks on the thumbnail of the photo they want, the browser requests the page the image came from, but the malicious program redirects the user to a fake antivirus Web site, encouraging the user to buy unnecessary antivirus software. Article