Language Selection

English French German Italian Portuguese Spanish

Beware How You Google

Filed under
Web

A simple misspelling of Google's domain name could lead to a Web surfer's worst nightmare.

In a new twist to the old practice of "typosquatting," virus writers have registered a slight variation of Google Inc.'s popular search-engine site to take advantage of any users who botch the spelling of the google.com URL.

The malicious site, googkle.com, is infested with Trojan droppers, downloaders, backdoors and spyware, and an unsuspecting user only has to visit the page to be at risk of computer hijack attacks, according to a warning from Finnish anti-virus vendor F-Secure Corp.

When googkle.com is opened in a browser, two pop-up windows are immediately launched with redirects to third-party sites loaded with scripts. One of the sites, ntsearch.com, downloads and runs a "pop.chm" file, and the other, toolbarpartner.com, downloads and runs a "ddfs.chm" file, F-Secure said.

"Both files are downloaded using exploits and they contain exploits themselves to run embedded executable files. One of the Web pages of the 'toolbarpartner.com' website downloads a file named 'pic10.jpg' using an exploit. This JPG file is actually an executable that replaces [the] Windows Media Player application," the warning reads.

The typosquatters also launch a steady stream of pop-up Web pages with different .exe files.

One batch of exploits loads a malware package that includes two backdoors, two Trojan droppers, a proxy Trojan, a spying Trojan and a Trojan downloader.

It is not yet clear if the attack vector takes advantage of an unpatched version of Microsoft Corp.'s Internet Explorer. Redmond officials could not be reached for comment.

Full Story.

More in Tux Machines

NVIDIA Posts Tegra Gallium3D Patch For K1+ Support

NVIDIA has out a wonderful Thanksgiving surprise... New Mesa code for Tegra K1 GPUs and newer! While NVIDIA has already pushed Nouveau Gallium3D support patches for Tegra K1 after providing Tegra K1 DRM/KMS kernel driver support, there's more code coming out today. NVIDIA's Thierry Reding sent out a nearly two thousand line Mesa patch that introduces a new Tegra Gallium3D driver. This "Tegra" code at gallium/drivers though isn't a complete 3D driver -- the Tegra K1+ still use the NVIDIA NVC0 Gallium3D driver for the actual rendering. This patch sets up a screen and forwards on the work to the Nouveau Gallium3D driver given that the Tegra K1 uses a Kepler-derived graphics processor. This work is needed since the GPU and display are exposed as separate devices by this NVIDIA ARM SoC. Read more

Ubuntu 14.10 MacBook Air Tests With Linux 3.18, Mesa 10.5

This week I posted some OS X 10.10 vs. Ubuntu 14.10 benchmarks from a Haswell-based Apple MacBook Air. Ubuntu 14.10 out-of-the-box was largely performing better than Apple's latest OS X Yosemite release while today are some more Ubuntu OpenGL numbers tossed in for the graphics tests when upgrading against Intel's latest HD Graphics code for Linux. Read more

Confirmed: Ubuntu-Powered Meizu MX Devices to Land in Europe Soon

Canonical and Meizu have signed a partnership for the distribution of Ubuntu-powered phones that should arrive in the first months of 2015. The details are still sketchy, but the information about this collaboration has been confirmed. Read more

Git 2.2.0 Released With 550+ Changes

Junio Hamano released Git 2.2.0 this evening with more than 550 changes from seventy-seven contributors since the Git 2.1 release. Git 2.2 brings numerous improvements to Git's many sub-commands, a new anonymize option for fast-export to help in reporting Git bugs but found for private/confidential repositories, new API calls, and various performance optimizations. Of course, there's many fixes too. Learn more about the many features to Git 2.2 via the very lengthy release announcement. Read more