Hackers use Google Trends as a hitlist

3 Oct 2008

Malware writers set up faek blogs based on tip offs from Google's Trends website, warns security firm

Hackers are setting up fake blogs riddled with malware, after being tipped off about the latest hot topics from Google Trends.

The Google Trends website provides constantly updated information on the popularity of search terms.

The Trends homepage lists the current hot topics. Today's list, for example, has "who won the vp debate" at the top, following last night's debate between Sarah Palin and Joe Biden.

Security specialists Webroot says hackers are exploiting this information to make sure their fake blogs are more likely to be picked up by the search engine.

"For the first time, hackers are capitalising on the top news stories from Google Trends Labs, which lists the day's most frequently searched topics, which can include news of the Wall St. bail out or the presidential campaign," claims Paul Piccard, director of threat research at Webroot.

"These highly relevant news stories and videos are being posted to the hackers' fake blogs to increase the site's Google search rankings."

Webroot claims the blogs often contain video links to the story the person was originally searching for. This leads to them downloading a video codec that comes with a malicious payload.

"Placing malware in video links on fake blogs is not a novel approach," says Paul Lipman, Webroot's senior vice president. "However, the fact that these hackers are now manipulating Google's methods for relevance to increase the ranking of these sites is new and greatly increases the number of people exposed to this threat."

Webroot naturally warns users to keep their security software up to date and to avoid downloading video on unfamiliar sites.