« A day in the life of a Malware Analyst
File extensions matter »

Beware of search engines helpers

May 13th, 2008

 You may come across some sites that offer online searches in cool formats. For example, we found this Italian website that does a search in both Google and Yahoo!.

It works well and presents the results in two diffent window panes:

However, digging into the source code for that page, we found an infamous drive-by download (loader.exe) that happens to be nothing less than a Trojan Downloader.

That Trojan will download additional malware (dialer, password stealer) onto your computer.

As a general rule, it is safer to use your search engine directly from the main site (i.e. google.com). Many sites offer a search from their own page that claims to search the major search engines. However, it is often biased results that are returned, or even worse, malicious programs.

JSegura

RSS feed to this site Twitter Linkedin YouTube Channel

 

RSS feed to this site Jerome Segura is a Security Analyst working at ParetoLogic.

You can contact him at:
MalwareDiaries Email

 

Pages




Security Software




Malware Top 10




Archives




Categories
 
 
 

© 2009 ParetoLogic Inc.