How Malicious Software Can Infect Your Computer When Searching Online

Be very, very careful when typing "www.google.com" into your browser's address window. If you inadvertently type (do not do this) "www.googkle.com", your computer will be infested with Trojan droppers, downloaders, backdoors and spyware, and an unsuspecting user only has to visit the page to be at risk of computer hijack attacks, according to a warning from Finnish anti-virus vendor F-Secure Corp.

When googkle.com is opened in a browser, two pop-up windows are immediately launched with redirects to third-party sites loaded with scripts. One of the sites, ntsearch.com, downloads and runs a "pop.chm" file, and the other, toolbarpartner.com, downloads and runs a "ddfs.chm" file, F-Secure said.

Photo credit: Valentina Degiorgis

"Both files are downloaded using exploits and they contain exploits themselves to run embedded executable files. One of the Web pages of the 'toolbarpartner.com' website downloads a file named 'pic10.jpg' using an exploit. This JPG file is actually an executable that replaces [the] Windows Media Player application," the warning reads.

 

 

Photo credit: Techtree.com

As at the time of publication of this news article, there has been no response reported from Google's Press Center.

You can get the latest updates on this topic through an RSS-based news radar I have just created by copying the link into your RSS news aggregator (e.g.: Bloglines): Googkle