Posted on 12/24/2008 11:45:09 AM PST by smokingfrog
An unknown hacker has been on a Search Engine Optimization rampage to flood search engines with more than a million ways to infect yourself with his virus. This is the first major "Scareware" infection we've seen since writing about the Federal Trade Commission's action in our December 10th blog post, FTC Moves Against Fake Anti-Virus Scareware.
The current scam takes advantage of the thousands of websites which have a "URL redirect" on them. A URL redirection program allows the website owner to "send you" to another website, while keeping track of where you went. They are often used in conjunction with an exit page that says something like "You are now leaving our site and being redirected to a new location. We aren't responsible for the content there." The problem is that many of those sites actually allow other people to use their URL to redirect traffic as well. That's what's happening here. A hacker has managed to cause Google to "learn" many of these URLs by placing them on sites they control.
In the current example, the hacker is using the site "00119922.com", which they have just registered December 19th. More than a million Google hits show that he has injected redirectors all around the Internet pointing to this site.
CAUTION: THIS PORTION IS FOR PROFESSIONAL SECURITY FOLKS ONLY. IF YOU FOLLOW THESE LINKS YOU *WILL* INFECT YOURSELF! USE CAUTION!
(Excerpt) Read more at garwarner.blogspot.com ...
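An added example, not from the original post or the quoted blog: one way a site owner can keep a redirector from sending visitors to arbitrary third-party sites as described above, and find which outside hosts it is being abused to reach. The host names, the `/redirect` path, the `url` parameter and the sample requests are constructed assumptions.

```python
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Assumption: the only external hosts this site intends to send visitors to.
ALLOWED_HOSTS = {"partner.example.net"}


def _split(raw):
    """urlsplit that returns None instead of raising on malformed input."""
    try:
        return urlsplit(raw)
    except ValueError:
        return None


def safe_redirect_target(raw, fallback="/"):
    """Return raw if it is a local path or an allowlisted host, else fallback."""
    if not raw or "\\" in raw or any(ord(c) <= 0x20 for c in raw):
        return fallback  # browsers normalise backslashes and whitespace
    parts = _split(raw)
    if parts is None:
        return fallback
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a rooted path, never "//host/...".
        return raw if raw.startswith("/") and not raw.startswith("//") else fallback
    if parts.scheme not in ("http", "https") or parts.username or parts.password:
        return fallback  # blocks javascript:, data:, and user@host tricks
    host = (parts.hostname or "").lower().rstrip(".")
    return raw if host in ALLOWED_HOSTS else fallback


def offsite_redirect_hosts(request_urls, param="url"):
    """Count rejected destination hosts in logged redirector requests."""
    hits = Counter()
    for req in request_urls:
        for raw in parse_qs(urlsplit(req).query).get(param, []):
            if safe_redirect_target(raw, fallback=None) is None:
                parts = _split(raw)
                hits[((parts.hostname if parts else None) or "?").lower()] += 1
    return hits


# Constructed sample request URLs, as they might appear in an access log.
SAMPLE_REQUESTS = [
    "/redirect?url=https%3A%2F%2Fpartner.example.net%2Foffers",
    "/redirect?url=http%3A%2F%2Funknown-site.example%2Fscan",
    "/redirect?url=http%3A%2F%2Funknown-site.example%2Fscan2",
    "/redirect?url=%2F%2Fother.example%2F",
]
```

A sudden spike in one unfamiliar host in the output of `offsite_redirect_hosts` is the sign that links to the redirector have been seeded elsewhere.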
Sites like Microsoft.com, IRS.gov, countless media outlets, magazines, universities, and other websites can be found in the search engines in this way. The hackers get these entries into Google by littering tens of thousands of blog comments, guestbook entries, and imaginary blog stories all around the Internet.
I’ve noticed a lot more infections recently, and not being a techie, I shy away from the sites that contain them.
There was recently a thread for the spyware guard2008. This seems to be the latest virus problem with not many solutions.
Only tangentially related;
I’m not sure why or how it happened, but a few days ago I suddenly lost CD and DVD drives. They wouldn’t show up under “my computer”, and Device Manager said the drivers were corrupted and couldn’t be loaded. Error 39. Even an external USB-fired CD drive wouldn’t work. Tried swapping a different physical drive into the PC, no effect. I found this sort of alarming, since, if the problem required reloading the O/S, well, how do you plan to do that without having a functioning CD drive?
I ultimately found this site: http://sillydog.org/forum/sdp_59917.php
About six posts down resides the solution to the problem, July 05, 2005 post by Erdiko. A simple registry edit operation immediately fixed the problem!
WARNING: Create a registry backup point before you TOUCH ANYTHING in your registry.
Ping
Cheers!
...oh, and Merry Christmas.
Merry Christmas to you, too.