Phishing campaigns spotted on Google Blogger.com pages

By

Hundreds of weblogs on Google's Blogger.com platform are being used in phishing attacks or to disseminate malware, according to research released last week by Fortinet.

Phishing campaigns spotted on Google Blogger.com pages
Some traffic to the malicious blogs is being driven by a variant of the Stration mass-mailing worm, according to an advisory on Fortinet website.

One malicious script links to "Pharmacy Express," which advertises low-cost offers for Viagra and Valium but actually lures victims into typing in personal and medical information to be collected by fraudsters.

A script on the page downloads a file to track IP addresses, browser types and versions, according to Fortinet.

The company also disclosed a Blogspot site dedicated to the Honda CR450 automobile, which infects PCs with the Wonka trojan when they click on the blog’s links.

"The site may have been chosen due to its popularity in search engines," according to Fortinet.

Other malicious Blogspot pages were dedicated to Star Wars, school, furniture and Christmas, according to the network security vendor.

A Fortinet representative could not immediately be reached for comment.

Barry Schnitt, Google spokesman, directed requests for comment to a company statement that said the search giant is looking into the reports and responding accordingly.

"These are not legitimate blogs that were compromised. They appear to be deliberately set up to promote phishing, which is against our terms of service," Google said in the statement. "We are investigating and blogs found to include malicious code or promote phishing will be deleted."
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

Log In

  |  Forgot your password?