Google cleans malware links from AdWords

Google cleans malware links from AdWords

Search engine giant Google has confirmed that they have removed paid advertisements that link to 20 search terms which are used by malware writers to target innocent victims to steal their personal identities.

However, this has not satisfied the online researchers who claim that the company might need to do even more to make sure that their ads do not end up harming web users.

Exploit Prevention Labs was the first company to have discovered this scam running on Google AdWords. Roger Thompson, CTO for Exploit Prevention Labs said in a statement: “The post-logger is specifically targeting about 100 banks from around the world, by injecting extra HTML into those banks’ response pages, to try to coax extra information out of the victim.”

Exploit Prevention Labs added that most links pretended to be going to legitimate websites like Better Business Bureau and Cars.com. However the user was redirected to sites hosting malicious content.

Michael Sutton, a security evangelist with SPI Dynamics and former VeriSign iDefense lab director added: “Client-side attacks, however, always require some form of social engineering; the attacker must convince the victim to perform some action, such as visit a Web page. This is typically done by sending spam e-mail to thousands of people. While most will ignore the message, a handful will fall for the scam.”