Slashdot Mirror
Virus Writers Target Google's Sponsored Links
An anonymous reader writes "It looks like the bad guys are gaming Google's sponsored links to spread their junk to people who click on the ads with unpatched versions of Internet Explorer. Attackers apparently bought the rights to several high profile search terms, including searches that would return results for the Better Business Bureau, among others. The story notes this was bound to happen, given the way Google structures sponsored links: "The bad guys behind the attack appeared to capitalize on an odd feature of Google's sponsored links. Normally, when a viewer hovers over a hyperlink, the name of the site that the computer user is about to access appears in the bottom left corner of the browser window. But hovering over Google's sponsored links shows nothing in that area. That blank space potentially gives bad guys another way to hide where visitors will be taken first.""
I really wish people would put even a bit of effort into using the term correctly.
Hell, this isn't even a Worm! It's just exploiting a browser bug to steal passwords.
Yawn.
Don't use Internet Explorer.
How we know is more important than what we know.
right click on ad, copy link location, paste into a text editor
http://pagead2.googlesyndication.com/pagead/iclk?look for: adurl=http://whatever
Handy for finding ad urls when you don't want to click on them because they're on your own site because clicking on your own ads is against google's terms. Bit of a pain, but the information is in there if you want to dig it out.Loose lips lose spit.