ChristiansUnite Forums

Hackers infiltrate Google searches

Hackers have turned their attention to search engines in the latest attempt to invade the computers of unsuspecting Web users.

In the past few weeks, they have taken advantage of Web pages that incorrectly use JavaScript, a computer language used in features like interactive maps, to infect thousands of sites. The altered sites show up in a Google search, and when clicked on, redirect the user to a malicious program that aims to steal information.

One goal is to infect users' computers, possibly by installing a device to capture keystrokes, and therefore passwords and other sensitive information.

Seven out of 10 Web sites are vulnerable to these flaws, according to WhiteHat Security in Santa Clara. It's unclear, however, how widespread the problem is because many users don't realize they've been infected.

Google is working on a filter that will find and automatically block such malicious Web addresses, a spokesman said Tuesday. In the meantime, it has been contacting affected organizations to advise them on how to fix their sites' vulnerabilities.

In the latest attacks, which occurred last week, hackers planted malicious search terms in Web addresses along with popular search words so the sites would be ranked high in Google searches.

One site that was infected, the TalkingBiz blog run by the University of North Carolina in Chapel Hill, tried to get visitors to download malicious code from a site hosted in American Samoa that has since been taken down. The location of the site does not indicate the location of the hackers, however.

The university said it doesn't know how the site was infected or who is responsible for the attack.

Among the retail victims named Friday were Wal-Mart, Target, Sears and Bloomingdale's, according to an independent security consultant, Dancho Danchev, who has been blogging about the attacks from the Netherlands since the beginning of March.

The attacks were also reported by several security vendors and the Internet Storm Center at SANS, a group of researchers in Bethesda, Md.

Wal-Mart, Target and Sears said they were aware of the attacks. Wal-Mart said that its site had not been affected and that it protects customers from "fraudulent online activity." Target said that it works with Amazon, which provides Target's Web infrastructure, to protect customers and that there is no risk to customers who visit Target.com. Sears said it is "taking the appropriate steps to ensure the Web site's security." Bloomingdale's was not available for comment.

Media targets named by Danchev include USAToday, ABCNews, Forbes.com and News.com. USAToday reported on the attacks on Monday.

Mass Web attacks were also reported in mid-March by Websense, a security vendor in San Diego that filters Web sites for corporations. Hackers were probing Web pages looking for vulnerabilities to an attack that allowed the hackers to get into and make changes to any SQL server databases behind the vulnerable sites, said Charles Renert, senior director of advanced content research.

In some cases, every record in a database was linked to a piece of malware, Renert said.

Keeping your computer secure

Users can best protect themselves by updating their anti-virus software and securing their browsers, according to US-Cert, a division of the Department of Homeland Security. Instructions on browser security can be found at links.sfgate.com/ZCWP.

Hello Pastor Roger,

Brother, thanks for posting this information! I've read bits and pieces of information about this from various sources, and I think it should be taken seriously.

For users of Firefox, I want to mention two extensions that might help avoid a ton of trouble.

1 - AdBlock Plus - This does much more than just block unwanted advertising. A primary function of one subscription is to block DANGEROUS ADVERTISING that carries all kinds of problems with it. Many of the dangerous items that are blocked are INTENDED to create havoc and are NOT just a mistake. I'm talking about the one spreading the problem, not the site where the advertisement might appear. Many of the sites where dangerous things are being distributed MAY be INNOCENT and not know what's being done. In fact, you could be an INNOCENT VICTIM already and not know what your computer is ALREADY DOING to others, including people in your Personal Address Book. AdBlock Plus is not a catch-all and do-all, but it is one excellent tool that can help you protect your computer. This extension is ONLY for the FireFox Browser, but there are similar products to protect other browsers.

2 - NoScript - This is another FireFox Extension that blocks and/or controls scripts and what kinds of scripts that you will accept from various sites. Again, it comes with a list of completely malicious sites that are automatically configured. It really controls much more than just scripts and who is allowed to send scripts for your Browser to process, but I won't go into the other areas of protection here. I'll simply say that NoScript gives you a list of things being blocked and from where with each site you visit. You have the choice of permitting or denying each item that's being blocked on each specific site. The NoScript Home Web Site has some excellent tutorials that will help you learn what to do and how to do it. The things that NoScript blocks usually falls in three broad categories:  1) Irritating; 2) Time consuming; 3) Dangerous. Please note that NoScript can also control what Plug-ins are allowed to be used on each individual site. Another NICE function of NoScript is complete control of which sites can automatically INSTALL programs onto your computer. YES - this does happen these days, and many of them are very dangerous. The general behavior of NoScript in visiting a new site where you haven't been before is to block a list of things, and you can un-block what you want to unblock, depending on how safe you think the site is.

Brothers and Sisters, AdBlock Plus and NoScript are completely FREE extensions for FireFox that are FAST, EFFICIENT, and SAFE to use. They are highly rated because they work. However, they don't replace the need for other security measures on your computer. As an example, you should still be using Virus and Trojan Scanners.

By the way, I'm not aware of there EVER being a dangerous Ad or Script on Christians Unite. As far as I know, Christians Unite is one of the safest sites on the Internet. Please know that the Moderators here are unpaid volunteers simply for the LORD, so we don't have any reason to tell you anything but the TRUTH. So, the Mail System on Christians Unite is ALSO one of the safest on the Internet. Christians Unite is ALSO a CLEAN and SAFE place for CHRISTIAN FAMILY USE - INCLUDING CHILDREN!

There can't ever be a 100% guarantee of safety on the Internet, but I'll say that Christians Unite has an  OUTSTANDING AND LENGTHY RECORD OF SAFETY!