Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Various Olympics Related Dangerous Google Searches

Published: 2010-02-15
Last Updated: 2010-02-15 20:26:18 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

We have received reports about the (sadly expected by now) search engine poisoning for various Olympics related terms. For example the name of the killed Georgian luge athlete is used to redirect unsuspecting users to fake anti virus and other malicious content. The redirect is browser dependent. Firefox is usually redirected to "qooglesearch.com" (note the 'q' as first letter instead of a 'g'). It is probably advisable to watch out for DNS requests for this domain to spot possible infections. Internet explorer is redirected to a wide range of different domains which apparently are picked at random.

 

Video of the attack

 

------
Johannes B. Ullrich, Ph.D.  - IPv6 Training
SANS Technology Institute
Twitter

1 comment(s)
Diary Archives