Criminals Target Google’s AdWords

April 30, 2007: Security firm Exploit Prevention Labs has discovered that malicious software coders have been using Google’s AdWords advertising system to spread malware infections.

According to Exploit Prevention Labs CTO Roger Thompson, the company uncovered exploits posing as URLs in the sponsored links accompanying Google search results.

Clicking on one of the malicious links, though, takes the user to the real website, but before the intended destination is reached “it takes the unwary traveller through smarttrack.org, which uses a modified MDAC exploit to try to install a backdoor and a post-logger on your system,” writes Thompson on the EPL blog.

“The post-logger is specifically targeting about 100 banks from around the world, by injecting extra html into those banks response pages, to try to coax extra information out of the victim. (Although it specifically targets those 100, it is an equal-opportunity logger and happily logs all user ids and passwords for any webpage.)”

What is more interesting, is normal ad links show users a preview of the intended address. These dastardly links though, have managed to get around the preview function, leaving it blank and the user in the dark about where they are going exactly.

Google quickly terminated the account when the flaw came to light, however, as with the nature of the web all traces of the scam are yet to disappear.

Comment on this story