Hackers tap into Obamamania

November 7, 2008

Hackers seeking to exploit the global interest in Barack Obama’s sweeping election victory have bought their way to the top of the Google results page.

For most of this afternoon, searches involving the keyword Obama generated a sponsored link reading “Download Now” at the top of the results page. People who clicked on the link would reach a web page infected with malicious software.

Security experts confirmed that the site could compromise PC users’ security.

“The website is infected with a malicious i-frame,” Graham Cluley, the senior technology consultant at the online security company Sophos, said. “This code then downloads further malware onto your PC, including something called Mal/Pdfex-B.

“Ultimately this code is designed to compromise your computer and allow hackers to have remote control over your PC.”

Unlike early virus writers, who were motivated mainly by the desire for notoriety, today’s hackers work for profit.

Once they have gained access to a computer, they will search for potentially lucrative data such as banking passwords and credit card numbers. They may also use the network of PCs they control to launch co-ordinated attacks on web businesses that refuse to co-operate with extortion demands.

Hackers often seek to trick people into infecting their PCs by playing on human curiosity. Commonly used tactics include the use headlines referring to terrorist attack or celebrity scandal to lure people in, but security companies have noticed a recent surge in the use of Obama’s name as bait.

“We are also seeing a major malicious spam campaign featuring Obama at the moment, which points to a malware download,” Mr Cluley said. “We’re gathering information about that right now.”

Google declined to comment on individual adverts, but said that harmful links were swiftly removed.

“It’s difficult to talk about security without giving away what we do,” a spokesman said. “We do have a very sophisticated manual and automatic system for removing adverts that may be suspicious.”

The spokesman said that although advertisers were checked against a blacklist of companies that have previously generated complaints, Google did not pre-vet adverts. To do so would slow down the process of getting a campaign online, he said, and speed was one of the system’s key advantages.

At the time of writing, the sponsored link is no longer appearing on searches for Obama.



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: