Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

Websense: Google IE toolbar 404 hijacking

by Shanmuga| Tweet This | Google +1 | Facebook | Stumble It | Reddit | Digg |

"…Another point of interest is how the toolbar handles connection failures. Google says, “When your server is unreachable, the Google Toolbar will automatically display a link to the cached version of your page.” We have previously written about how Google services are being targeted by the black hats for use as a resource to launch their nefarious campaigns.

Consider what would happen if the toolbar sends the user to a cached version of the page (hosted by Google), that *is* malicious. A web page served up by Google’s own web server does not imply that it won’t contain any malicious code. To the average web visitor, a page linked to by Google that is also hosted by Google itself, would probably be safe.

Would the bad guys exploit this trust transitivity factor? We would say yes. " – Content courtesy of Websense® – Blog: Google IE toolbar 404 hijacking

{ 0 comments… add one now }

Leave a Comment

Previous post:

Next post: