Craig Schmugar at McAfee Lab Blog went looking for Operation Aurora exploits from the earthquake crisis over the weekend and found something interesting. He shows just how easy it is to use the tragedy in Haiti to commit a little clickjacking:
I figured a good place to look for attackers is by Googling the most popular search terms of the day. It’s been a while since I last researched search engine manipulation. As expected it was quite easy to find high ranking search results for Haiti-related terms; the vast majority led to rogue antivirus malicious sites, similar to earlier blogs. I did not come across any sites exploiting the recent zero-day IE vulnerability. However, I did come across plenty of Clickjacking, but not just Clickjacking, they have incorporated Google Trends, Digg.com, Blackhat SEO, and Clickfraud as well.
Go read the whole thing to see how easy it is to get yourself duped.
Continue Reading
