14 DAY TRIAL // The security company Exploit Prevention Labs managed to discover the procedure used for last week's Google hack that affected a considerable number of AdWords publishers. The firm sustained the entire malicious move was based on trusted websites redirected to famous organizations such as The Better Business Bureau. When an ordinary user searches Google for this organization, the technology returns him two types of links for the same website. Let me explain it better. As you know, Google uses the SERP to return ordinary links and sponsored links that are placed in the right part of the screen. The attackers managed to exploit the sponsored links and every time a user clicked on them, he was redirected to a malicious website that installed an infected file on his computer. The difference between the good link and the bad link was made by the real website displayed in the bottom part of the browser, the sponsored website showing no information to the user.
However, the vulnerability was using a security flaw in Internet Explorer so, only the unpatched browsers were affected. According to the report, the malicious website installed a postlogger, a dangerous type of malware that manages to steal almost any information without any notification sent to its users.
"The Google attack signals an escalation in the tactics used by the bad guys to take advantage of unpatched vulnerabilities in common software programs. Exploits are threatening to undermine users' trust in even the most widely used websites like Google, Yahoo and MSN," said Roger Thompson, CTO of Exploit Prevention Labs according to a press release published by the security company.
As you can see in the clip, the security company was using LinkScanner, a powerful application that scans all the links before clicking on them so the security of the browsing is well-improved. The sponsored link presented in the video is marked with a red sign that means the website was actually infected with a malware file able to steal your private information.