Security software firm Exploit Prevention Labs has published a video which it claims proves that cyber-criminals are using Google's AdWords to infect unsuspecting users with malware.
The firm claimed last week to have hard evidence that the exploit was being carried out.
The Nailed in 30 Seconds video has been posted on YouTube and claims to show how cyber-criminals ran Google ads for legitimate trusted organisations like the Better Business Bureau.
However, when users clicked on the ads, they were redirected to a malicious website that attempted to exploit a common security vulnerability in Internet Explorer.
Users who had not installed Microsoft's latest security patches were infected with a so-called post-logger, malware designed to steal confidential account access information, in this case from customers of 100 different banks.
"The Google attack signals an escalation in the tactics used to take advantage of unpatched vulnerabilities in common software programs," said Roger Thompson, chief technology officer at Exploit Prevention Labs.
"Exploits are threatening to undermine user trust in even the most widely used websites like Google, Yahoo and MSN."
Security firm publishes video of Google AdWords scam
By
Robert Jaques
on May 1, 2007 2:56PM
