back to article Google results flog millions of compromised webpages

Two ongoing scams are tricking Google and other search engines into prominently displaying millions of compromised webpages that attempt to hijack end users' computers or steal their credit card numbers, researchers said. One of the attacks is being used to direct people searching the web to an online store hawking pirated …

COMMENTS

This topic is closed for new posts.

This post has been deleted by its author

Silver badge
FAIL

@ac

Expert sExchange serve up the same page to users as the googlebot.

Try scrolling right to the bottom of the page to see the actual answers.

0
0
Anonymous Coward

needs a third way

Google needs to add a third technique to their algorithmic and manual ones: bounties.

Offer substantial sums for evidenced exploits.

That way, you've got some of the good guys being rewarded for debugging Google's own code; plus some of the bad guys will find it more profitable to sell their exploits to Google rather than to the bad guys who monetarise exploits.

A couple of million paid out in public QA bounties will radically change the balance of power,

0
0
Anonymous Coward

'Misconfigured ASP webpages'

"A separate attack is the work of a botnet dubbed ASProx, which injects malicious links into misconfigured ASP webpages."

Anyone have any information on that? Is it just persistent XSS?

0
0
Grenade

(title)

I teach my clients to treat Google and other search engines like Russian Roulette. The search terms they choose defines how many chambers are filled. Try hunting for "free games" or "photoshop crack" and five out of six of those chambers will be loaded.

0
0
WTF?

Firewalls?

Are their any software firewall products that I could use to filter ip addresses by geographical location?

I would like to just stop any traffic between my computer and all of the eastern bloc countries. I never look for stuff there anyway. It would teach them a lesson that if they can't play nice we won't talk to them.

Kinda like an electronic silent treatment. To be honest the cleverer ones may start spoofing other IP's but ultimately the more obstacles you put in the way the better.

Please point me in the right direction. It MUST be possible.

0
0

This post has been deleted by its author

This topic is closed for new posts.

Forums