Apple iPad Targeted By Hackers In SEO Poisoning Attacks
Hackers are already starting to exploit the news of the Apple iPad, and the upsurge of search terms on Google and Bing related to the release, by launching SEO attacks that ultimately put their own phishing Web sites at the top of search engines' search pages, according to security experts at Websense.
Security researchers have thus far detected a rogue anti-virus application that is gaining momentum by impersonating sites that offer news and product information about the Apple Tablet computer.
The rogue anti-virus application is bogus, with a 30 percent detection rate, Websense researchers say. And like most rogue AV applications, it reports non-existent infections when the file is installed, while inundating the user with on-going pop-up prompts. The application then offers to "clean" the users' system once the user pays the requested price by submitting credit card data.
The download is a scam, however, and cybercriminals will walk away with the victim's credit card numbers and possibly other personally identifying information.
Apple made a splash in the industry Wednesday with the launch of its iPad, a device that falls somewhere between a laptop computer and smart phone, containing a flat-panel touch screen, wireless connectivity and a virtual keyboard, while providing the user with the ability to watch movies, read books electronically, listen to music and have access to tens of thousands of smart phone apps.
Search engines have been bombarded terms such as "Apple" "tablet" and "iPad" since Wednesday by users eager to find news on Cupertino's latest notebook computer -- a fact not lost on cybercriminals.
During the SEO attacks, hackers use keywords to manipulate the search engine algorithm, elevating the search rankings of their malware and phishing sites. Users then open these pages, often mistakenly associating legitimacy with higher page rankings.
And more malicious sites will inevitably emerge over the next few weeks, as more cybercriminals jump on the Apple iPad bandwagon, security experts say.
"Scammers often piggyback off of current events to take advantage of end-users," said Andy Hayter, anti-malware program manager for ICSA Labs, a testing and certification firm for security products, in an e-mail. "This is nothing new, and was most recently evidenced when scammers used the Haitian crisis to profit."
Subsequently, Hayter recommends that users be wary of where they click, especially when following links about high-profile news events.