Be Careful Searching This Holiday Season

Sunbelt Software, one of the leading developers of security software and hardware, has found large amounts of websites that are there only to stuff malware onto your computer, and these websites are listed high on search terms for search engines like Google, Yahoo and Live. A user whose patches are not up to date that clicks on one of these websites, will be force fed a diet of malware that could cause their machine to just die, or worse, monitor and track everything they do online.

The good news is, if you are fully patched, you shouldn’t have much to worry about, also, if you actually look at the websites you are going to visit before you click them, you can tell if they are good results or not. All of the websites I have seen listed are nonsense name, .cn domain names, etc. Check out this image that I grabbed from the Sunbelt site.

Malware Links

See all of the domain names that are in the highlighted red boxes? Those are the types of domains they are using, as an example,, so don’t click on any of those links, also be careful of the .cn domain names, as they are using many of those. Google has been notified of the problem and have already removed some, but I can still find some of the sites right now, so there is more work to be done.

As the guy from Hill Street Blues used to say, “Hey, lets be careful out there.”

Here are some mentions about this problem on the Sunbelt and other sites.

BREAKING: Massive amounts of malware redirects in searches The original post about this problem from Sunbelt Software, here is a follow up post from them, Malware redirects: The aftermath.

Update: Subverted search sites lead to massive malware attack in progress Trojans, rootkits, password stealers hit users who click on a bad link after a search.

Malware Poisoning Results for Innocent Searches Tens of thousands of malware-serving pages, crafted to reach a high search engine ranking, are showing up in the first page of returns from Google, Yahoo and Live.