This morning Websense® ThreatSeeker® Network alerted us that if a user enters the term "Download Chrome" in Google Search, the 36th result would result in potentially malicious content being downloaded to the user's machine. I'll briefly describe the attack vector in which the content is sent to the user. Web Search Search for "Download Chrome": The 36th result leads to a compromised, unofficial Google Chrome plugin Web page: Compromised Web site The 36th result leads to to this website: The above site: is a legitimate, unofficial Google Chrome plugin forum Web page which is pulling in content from two malicious Web sites. We believe this Web page was compromised. One indicator that this is a compromised site, as opposed to a site set up for strictly malicious purposes, is that the whois registration information, which helps indicate the reputation, is registered in 2008. The registration details also seem to indicate that real inf
Comments
Post a Comment
Để lại góp ý của bạn để blog của mình hoàn thiện hơn :))