Hackers create a lookalike Google Italy site and lure users to download malicious apps
Some visitors to the Google Italy site are getting an unwelcome surprise this week, as a look-alike site hijacks their browsers and installs malware on their machines.
Researchers at IT security vendor SurfControl plc 's Global Threat Expert center reported today that they have discovered an "evil twin" Website that looks almost exactly like the Google Italy site. In an exploit known as "typosquatting," attackers have built the evil twin under a URL that is spelled slightly differently, duping users who might make an errant keystroke or click on a bad link.
When users enter, the fake site automatically attempts to install ActiveX controls on their PCs. If the installation is successful, the site drops a Trojan horse that redirects the homepage to a site filled with adult content.
In addition, the site installs a package of malware on the user's PC, including adware and a keylogger that can be used to monitor the user's keystrokes and send the information to a remote location. Some users have also experienced attempts to send spam through the infected machines, including spam with malware attached, SurfControl said.
Users can fight the fake by turning off Internet Explorer's ability to automatically install ActiveX controls, the security vendor says. If ActiveX controls are turned off, the user cannot be infected without giving the go-ahead for installation.
— Tim Wilson, Site Editor, Dark Reading
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024