Websense: Google IE toolbar 404 hijacking
February 15, 2008 by Shanmuga
Filed under Malware
"…Another point of interest is how the toolbar handles connection failures. Google says, “When your server is unreachable, the Google Toolbar will automatically display a link to the cached version of your page.” We have previously written about how Google services are being targeted by the black hats for use as a resource to launch their nefarious campaigns.
Consider what would happen if the toolbar sends the user to a cached version of the page (hosted by Google), that *is* malicious. A web page served up by Google’s own web server does not imply that it won’t contain any malicious code. To the average web visitor, a page linked to by Google that is also hosted by Google itself, would probably be safe.
Would the bad guys exploit this trust transitivity factor? We would say yes. " - Content courtesy of Websense® - Blog: Google IE toolbar 404 hijacking
If you enjoyed this post, make sure you subscribe to my RSS feed!
Comments
Everyone has an Opinion...why don't you share yours and oh, if you want a pic to show with your comment, go get a gravatar! or you can even subscribe to our comments feed.