When phishers attack blog sites

Phishers are planting malicious code on Web sites that show up in keyword searches.

Phishers appear to be planting malicious exploit code on various sites in the hopes that you'll stumble upon them through keyword searches. Yesterday, security vendor Fortinet reported that certain Blogger.com sites appear to be hosting malicious content, and we speculated that the pages had been compromised using cross-site scripting attacks.

Today Google, which owns Blogger.com, said in a statement to CNET that the example sites cited by Fortinet appear to be "deliberately set up to promote phishing, which is against our terms of service."

Indeed, in reviewing the example we visited yesterday, there are numerous red flags. First, the content of the blog is gibberish. Although the page is in English, the visitor counter is in Russian. None of these alone are damning, but casual or even accidental visitors to the blog page could find themselves infected with a remote access Trojan horse. Google said that it is investigating these pages and concluded that "blogs found to include malicious code or promote phishing will be deleted."

Tags:
Software
About the author

    As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Galleries from CNET
    The best tech products of 2014
    Does this Wi-Fi-enabled doorbell Ring true? (pictures)
    Seven tips for securing your Facebook account
    The best 3D-printing projects of 2014 (pictures)
    15 crazy old phones from a Korean museum (pictures)
    10 gloriously geeky highlights from 2014 (pictures)