Security software firm Exploit Prevention Labs has published a video which it claims proves that cyber-criminals are using Google's AdWords to infect unsuspecting users with malware.
The firm claimed last week to have hard evidence that the exploit was being carried out.
The Nailed in 30 Seconds video has been posted on YouTube and claims to show how cyber-criminals ran Google ads for legitimate trusted organisations like the Better Business Bureau.
However, when users clicked on the ads, they were redirected to a malicious website that attempted to exploit a common security vulnerability in Internet Explorer.
Users who had not installed Microsoft's latest security patches were infected with a so-called post-logger, malware designed to steal confidential account access information, in this case from customers of 100 different banks.
"The Google attack signals an escalation in the tactics used to take advantage of unpatched vulnerabilities in common software programs," said Roger Thompson, chief technology officer at Exploit Prevention Labs.
"Exploits are threatening to undermine user trust in even the most widely used websites like Google, Yahoo and MSN."
Security firm publishes video of Google AdWords scam
By
Robert Jaques
on
May 1, 2007 2:56PM

Evidence posted on YouTube.
Got a news tip for our journalists? Share it with us anonymously here.
Sponsored Whitepapers
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future

Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection