Exploit Prevention Labs
Home
  Products
  Threat Center
  Support
  About Us
  Media Center
  Contact Us
 
Quick Links
In the News
Press Releases

 

 
Media Center

Press Releases

GOOGLE ADWORDS FALLS VICTIM TO CYBER CRIMINALS

Discovery Reveals Vulnerability of Sponsored Search Ads

April 25, 2007 – Atlanta, GA – Researchers at security software developer Exploit Prevention Labs (http://www.explabs.com) have uncovered hard evidence that cybercriminals are using Google AdWords to infect unsuspecting users with malware. Under the guise of ads for legitimate, trusted organizations like The Better Business Bureau (see screen shot), unsuspecting users are instead redirected to malicious sites that attempt to install exploits and other malware.

Roger Thompson, Exploit Prevention Labs’ CTO, reported his findings yesterday on his blog at http://explabs.blogspot.com/2007/04/google-sponsored-links-not-safe.html.

Exploit Prevention Labs first learned of this new attack vector April 10 when a user of the company’s LinkScanner Pro safe surfing software ran a Google search on the phrase “how to start a business.” The top-ranked sponsored search listing appeared to be from AllBusiness.com, a legitimate business, yet the hyperlink actually led to a site that attempted to install a password--stealing keylogger on the user’s PC. LinkScanner Pro blocked the threat and automatically reported the discovery back to Exploit Prevention Labs researchers, who launched an immediate investigation.

Thompson’s team discovered that, on April 2 or 3, a known-bad organization registered the domain name Smarttracker.org. By April 10, the organization had opened a Google AdWords account and purchased campaigns for various search terms. Although each of the ads displayed a trusted hyperlink, clicking on the link redirected the user to smarttracker.org before sending them on to their intended destination.

Although Google has terminated this particular offending account, the discovery highlights problems facing all sponsored search vendors - how to determine the legitimacy of any individual advertiser, and how to determine whether a redirected link is being used legitimately.

Exploit Prevention Labs' LinkScanner family of safe surfing software provides complete, real-time protection against malicious web sites, exploits, phishing, and other social engineering attacks. To learn more, or to download a free trial version, visit http://www.explabs.com/products/lspro_trial.asp.

Note to media: Members of the media who would like to interview Roger Thompson about this discovery may contact Tim Shisler of Dovetail Public Relations at 408-395-3600 or at xpl (at) dovetailpr (dot) com.

About Exploit Prevention Labs
Founded by information security veterans Bob Bales and Roger Thompson in 2005, Exploit Prevention Labs develops the LinkScanner family of safe surfing software and services. LinkScanner Pro, LinkScanner Lite and LinkScanner Online provide patent-pending protection against malicious web sites and web-based exploits during the critical risk window between the announcement of a security vulnerability and the provision of a patch by the vendor. A Software Development Kit (SDK) is also available to enable third party vendors to incorporate Exploit Prevention Labs’ technology in their own applications and services. More information about Exploit Prevention Labs and LinkScanner may be found on the company’s website at http://www.explabs.com.

###

Media Contact:
Tim Shisler/Julie Parayno
Dovetail Public Relations
408.395.3600
xpl at dovetailpr.com

 
Home  |  Products  |  Support  |  About Us  |  Privacy Policy  |  Affiliate Program
Copyright © 2008 Exploit Prevention Labs. All rights reserved.