[ insider_reports_insider ]
Google Dinged Over SEO Poisoning
David Utter
Staff Writer
2008-04-04
 Insider Reports RSS Feed
The search optimization poisoning attacks against dozens of websites continues its onslaught, with infected search results showing up in Google.
 | | Google Dinged Over SEO Poisoning |  |
To get those results into Google, attackers make search queries on websites; these sites exchange search results with Google. The attackers include executable JavaScript with those queries. On sites that do not sanitize the query being input, the results go back to Google with the malicious JavaScript attached.
Security researcher Dancho Danchev blames the long-running attacks on the criminals behind the Russian Business Network (RBN).
At security vendor Trend Micro, researcher JM Hipolito isn't buying into suggestions that Google is blameless here, saying the search site has "clear involvement" in this distribution of malware.
"This I believe still does not put Google off the hook; the search engine being used as a channel for malware distribution seriously calls for the development of security measures," said Hipolito.
Google has been acting to expunge instances of malware-laden search results, but with SEO poisoning going on for months, on very high profile sites, they need to work out a way to sanitize the exchanged searches coming back to them.
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
