14 DAY TRIAL // Security researchers from Websense warn that searching for photos of Presley Walker on Google Images can generate results that direct users to drive-by download pages.
Drive-by downloads are a type of attack in which victims get infected only by visiting a specially crafted web page, without any interaction.
This is normally achieved by exploiting vulnerabilities in outdated software packages found on the their computers.
In the attack detected by Websense, cyber criminals are using a popular exploit kit known as Neosploit which contains exploits for multiple vulnerabilities in Java, Adobe Reader and Windows.
"We first found on Monday that all the image search results took users to a notorious exploit kit – Neosploit. Later, it changed to redirecting users to rogue AV sites.
As we publish this blog, the search results are still poisoned and are leading to Neosploit again," the Websense researchers wrote.
Presley Walker Gerber is the son of Cindy Crawford and Rande Gerber, and at the age of twelve he is already a heart-throb for many young girls thanks to the looks he inherited from his parents, both of whom have had successful careers in modelling.
Search result poisoning attacks are relatively common, but the vast majority of them are used to spread fake antivirus products, commonly referred to as scareware.
Originally applied to regular Google web results, the technique has evolved to also affect image search and also other engines. The fact that this particular campaign combines an exploit-based drive-by download attack with scareware distribution is rather unusual.
"Neosploit is a well-known exploit kit in the black market. The authors reportedly stopped supporting and updating the exploit kit due to financial problems, but variants of Neosploit have been updated frequently.
"The variants may contain MDAC (CVE-2006-0003), ActiveX (CVE-2008-2463, CVE-2008-1898), and three Adobe Reader (Collab.getIcon, Util.Printf, Collab.collectEmailInfo) vulnerabilities, among others," the security researchers warn.