We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

'Apple iPad' searches used to spread malware

BlackHat SEO pushes fraudulent websites

Security researchers are warning that web searching for the term 'Apple iPad' can lead to fraudulent websites.

According to researchers from Websense, terms such as 'iPad', 'Apple Tablet' and 'Apple iPad' are already being used in attacks based on search result poisoning, also known as the 'BlackHat Search Engine Optimisation' technique.

Describing such attacks, email security firm Spamfighter said that criminals use legitimate search-engine optimisation techniques to place fraudulent sites at the top of search results for popular terms.

The BlackHat SEO attacks appeared only a few hours after the much-hyped Apple iPad launch. Attackers used freely available search-engine software to target widely used search subjects, and then inserted details into hacked sites.

One example the Websense researchers have found is a fake antivirus scam. This is found on websites giving out information about the Apple Tablet. When unwitting web users find the sites, they are told that their PC is infected with malicious software, and coerced into buying a 'antivirus' licence to clean it up.

In reality there is no infection, and the 'AV' is at best useless.

Security giant Symantec has also warned that, as well as rogue antivirus and malware attacks, web users should look out for bogus promotional and retail offers offering discounted or free iPads. If an offer looks too good to be true, it almost certainly is.

Speaking about the increase in search-targetted threats, PC Tools' Richard Clooke said: "Our malware experts are seeing increasing numbers of threats that are linked to search results. Large numbers of users who search for reports on a news story or product launch are then targeted by malware authors who use the opportunity to distribute rogueware (or fake antivirus software).

"Cybercriminals are now seeding Google search results before a particular event occurs, so that when a user follows a link they are redirected to a window informing them that they are infected with malware. Users are then advised to download a fake antivirus software product to get rid of the infection. As they download and install the fake antivirus software they are asked for credit card information. Malware is then installed on the user's computer and any financial information entered is sent off to cybercriminals."

And Clooke offered this advice for worried web surfers: "Consumers need to make sure their security software is up to date and that it includes real-time comprehensive behavioural protection to reflect their engagement with the online world."

Related articles:


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

Apple's 2014 highlights: the most significant Apple news of 2014

IDG UK Sites

See the festive spots creative companies have released for Christmas

IDG UK Sites

Ultimate iOS 8 Tips: 35 awesome and advanced tips for using iOS 8 on iPhone and iPad