Misspelled URL takes users to malicious web site

By on

Researchers at antivirus company F-Secure have discovered a malicious website that targets users who make a spelling error when they type in Google.com.

If a user trying to visit the popular search engine accidentally types "Googkle.com," they will open up a malicious web site that attempts to exploit known vulnerabilities in the web browser - mostly Internet Explorer - to drop spyware onto the machine, said Ero Carrera, F-Secure virus researcher.

On its web site, F-Secure urged users to not go to the malicious web site. As of Wednesday afternoon, the site was still up, Carrera said. Researchers have reported the site, which is owned by people with Russian names, to authorities.

F-Secure researchers have seen the technique used before, but usually the spoofed web site aims to make a political statement of some sort, not to install malware, Carrera said.

www.f-secure.com

 

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?