Categories
Uncategorized

“Thank you for your visit” could mean you’re curious or just gullible

Lisa Vaas of eWeek has an article today on how nearly 500 people took the bait to ‘Click Here to Get Infected.’ It was as simple as setting up an innocent looking domain name (drive-by-download.info), one with an ‘.info’ suffix that is reportedly popular with malware providers, as noted in the article. If you managed to find the ad and click through, you received a “Thank you for your visit” message. Sounds innocent enough. 



“That was evidenced by the 409 people who clicked on an ad that offers infection for those with virus-free PCs. The ad, run by a person who identifies himself as security professional Didier Stevens, reads like this:


Drive-By Download
Is your PC virus-free?
Get it infected here!
drive-by-download.info


“Stevens, who says he works for Contraste Europe, a branch of the IT consultancy The Contraste Group, has been running his Google Adwords campaign for six months now and has received 409 hits. Stevens has done similar research in the past, such as finding out how easy it is to land on a drive-by download site when doing a Google search.”


In other words, be careful what you click on.


Although the site owner and the mock-site owner claims that no PCs were harmed, it goes to show that a significant number of people will click on ads or other interesting tidbits that have the potential harbour potential malware or malicious code. (In a related post, see “ani exploit via e-mail: you’d think hackers would know how to spell ‘Britney Spears’.)


You can read more about this on the site owner’s blog at http://didierstevens.wordpress.com/tag/malware/.


For more, see my past note on how there’s no immunity from security vulnerabilities.



Tags: , , , , , .