Security experts warn against malicious websites that appear in the search results even though they are actually completely unrelated to your searches.
The sites are used to spread, among other things, Gootkit, which is a really nasty malware.
- Redirects from legitimate websites to fake with malicious code
- Spreads malware and other bad stuff – like ransomware
- Can fool even the most astute
The creators of Gootkit initially used other people’s websites to spread their malicious code. Then by compromising the sites and sneaking in their code for download when visitors found there. Or redirect visitors directly to other sites automatically.
Today, the approach has changed somewhat. Instead of focusing on other people’s sites, new, fake sites with the malicious code are created instead. Sites that are heavily optimized for Google and that end up high in the search results.
The sites are very well made and can fool even the most well-read and sharp-sighted IT administrators. But according to the security experts at Sophos, they can be detected, among other things because the content does not match the search phrases on, for example, Google and Bing.
Gootloader’s creators use a number of social engineering tricks that can fool even technically skilled IT users. Fortunately, there are a few warning signs internet users can look out for.
It is difficult to protect yourself completely, but security experts say that extensions for browsers such as NoScript can help. Among other things, they prevent sites that have been hacked and redirected automatically in the browser from taking you to the malicious website.
Pay attention to sites that appear in the search results, but which are not at all related to your search phrases. Use antivirus and firewall, whether you prefer Windows, Linux or macOS. And always be critical of all the results you click on.
