Language Selection

English French German Italian Portuguese Spanish

Beware How You Google

Filed under
Web

A simple misspelling of Google's domain name could lead to a Web surfer's worst nightmare.

In a new twist to the old practice of "typosquatting," virus writers have registered a slight variation of Google Inc.'s popular search-engine site to take advantage of any users who botch the spelling of the google.com URL.

The malicious site, googkle.com, is infested with Trojan droppers, downloaders, backdoors and spyware, and an unsuspecting user only has to visit the page to be at risk of computer hijack attacks, according to a warning from Finnish anti-virus vendor F-Secure Corp.

When googkle.com is opened in a browser, two pop-up windows are immediately launched with redirects to third-party sites loaded with scripts. One of the sites, ntsearch.com, downloads and runs a "pop.chm" file, and the other, toolbarpartner.com, downloads and runs a "ddfs.chm" file, F-Secure said.

"Both files are downloaded using exploits and they contain exploits themselves to run embedded executable files. One of the Web pages of the 'toolbarpartner.com' website downloads a file named 'pic10.jpg' using an exploit. This JPG file is actually an executable that replaces [the] Windows Media Player application," the warning reads.

The typosquatters also launch a steady stream of pop-up Web pages with different .exe files.

One batch of exploits loads a malware package that includes two backdoors, two Trojan droppers, a proxy Trojan, a spying Trojan and a Trojan downloader.

It is not yet clear if the attack vector takes advantage of an unpatched version of Microsoft Corp.'s Internet Explorer. Redmond officials could not be reached for comment.

Full Story.

More in Tux Machines

Development News

  • PHP 7.1 Alpha 2 Released
    Succeeding the PHP 7.1 Alpha release that happened earlier this month is now the second alpha build of this significant update to the PHP programming language.
  • 4 languages poised to out-Python Python
    Nothing lasts forever -- including programming languages. What seems like the future of computing today may be tomorrow's footnote, whether deserved or undeserved. Python, currently riding high on the list of languages to know, seems like a candidate for near-immortality at this point. But other languages are showing that they share Python's strengths: convenient to program in, decked out with powerful ways to perform math and science work, arrayed with a huge number of convenient third-party libraries.
  • ECMAScript 2016: The Latest Version Of JavaScript Language Has Arrived

Linux Devices

  • Open-source project for smartwatches seeks developer contributions
    AsteroidOS is an open-source smartwatch operating system still in its early stages of development. Developers can currently port AsteroidOS to new smartwatches, or develop, translate and test apps on their own watches. They can also create an Asteroid app by using an SDK that is generated by OpenEmbedded, a build framework for embedded Linux. Developers can use a prebuilt SDK or build it themselves.
  • Raspberry Pi powers RaspTouch open source music player
    RaspTouch mainCheck out the RaspTouch project on KickStarter, from France. It has two main elements: the touchscreen interface and the main body of the player, featuring a ES9023 or ES9018K2M DAC output. The makers describe it as the “ultimate open source music player”.
  • Small footprint open source hypervisor

Mozilla Rebranding

  • Mozilla Pushes Online Privacy with New Open Source Funding Awards
    Mozilla is funneling yet more money into the open source ecosystem. This week, the organization best known for the Firefox Web browser announced an award of $385,000 to fund eight open source projects, including several important online privacy platforms.
  • Mozilla to Rebrand Itself, and You're Invited to Help
    Mozilla has been involved in reinventing itself for some time now. Known for the venerable Firefox browser, it has made forays into several other open source arenas, and was even known for its dalliance with the smartphone business. The company is currently involved in a broad rebranding effort, and the way it is going about rebranding comes directly from the open source playbook.
  • “Branding without walls”: Mozilla’s open-source rebrand
    Internet advocacy and software group Mozilla is rebranding with help from johnson banks. In an unusual move, the company has decided to document the process online – from strategy and concept development to refinement – inviting its community to help shape its new positioning

Google “Project Bloks” education kit starts with RPi Zero

Google’s “Project Bloks” education platform is built around a Raspberry Pi Zero that controls baseboards that talk to “Puck” inputs via a capacitive sensor. Google announced a Project Bloks hacker platform for kids, developed with IDEO and Paulo Blikstein of Stanford University. A prototype has been built based on the Linux-driven Raspberry Pi Zero SBC, and now Google is seeking researchers, developers, and designers who are interested in using the technology “to build physical coding experiences.” Later this year, Google will conduct a remote research study with the help of these partners. Read more