Google AdWords Attacked By Cyber Criminals

Researchers at security software developer Exploit Prevention Labs have discovered that cyber-criminals are using Google AdWords to infect unsuspecting users with malware. Under the guise of ads for legitimate, trusted organisations like The Better Business Bureau, unsuspecting users are instead redirected to malicious sites that attempt to install exploits and other malware.

Exploit Prevention Labs first learned of this new attack vector, when a user of the company"s LinkScanner Pro safe surfing software ran a Google search on the phrase “how to start a business.” The top-ranked sponsored search listing appeared to be from AllBusiness.com, a legitimate business, yet the hyperlink actually led to a site that attempted to install a password–stealing keylogger on the user"s PC. LinkScanner Pro blocked the threat and automatically reported the discovery back to Exploit Prevention Labs researchers, who launched an immediate investigation.

The investigating team discovered that a known-bad organisation registered the domain name Smarttracker.org, which opened a Google AdWords account and purchased campaigns for various search terms. Although each of the ads displayed a trusted hyperlink, clicking on the link redirected the user to smarttracker.org before sending them on to their intended destination.

More from Biztech

Future Group - Reliance Retail Deal approved by CCI RBI ban on cryptocurrencies takes effect; prohibition could force investors to tap the black market

Although Google has terminated this particular offending account, the discovery highlights problems facing all sponsored search vendors.