Cybercrooks are at it again, they are targeting a new form of web search technology to poison more search results with malicious sites that spread malware.
Hackers have developed a new interest in Google's Wave technology over the course of a few months ever since its announcement in May of 2009. The ancillary web search results that utilize Google's Wave technology is the new target for hackers where they will attempt to piggyback off of Wave web searchers to divert Internet users to malicious websites. The goal of the cybercriminals is to spread malicious software onto computer users through these infected sites which appear in poisoned search results.
Google's Wave technology is believed to merge email, instant messaging, wiki and social networking into an interactive multi-user conferencing system. The system is an online technology that will not operate in real time and has very limited offline functionality. After the beta release to 100,000 test users of this new platform, it has taken on a popular face among malware developers.
Cybercriminals are already flooding search results related to the new Wave technology to point computer users to malicious sites that spread fake anti-virus software. Anyone looking for information related to Google Wave via online web search engines will have to dig through several results that could lead them to a hacker-created site.
This is not the first time hackers have used a popular searched item to poison search results. In order to route Internet users to malicious websites, cybercriminals will need to hack into enormous amounts of web servers and insert malware sources into the system. To do this, they will automate the process by using botnets to target SQL injection vulnerabilities in web applications. However, their new approach is to push malicious malware-infected pages by breaking into web programs (mostly PHP-driven) and making an edited index that has links to the pages infected with malware.
Even though Google is nearly impervious to hacking attacks, through supplementary web search results hackers can pursue hacking campaigns that are designed to target popular search terms and draw in unsuspecting computer users. In the end, cybercriminals want to grab Internet users' money and they will take a ride on the Google Wave search to get it.