Tuesday, November 15, 2005

Domain Name Squatters target Google

Google has recently registered four new domain names - GoogleMagazines.com, GooglePapers.org, GoogleMicrofilm.com and GoogleLibrary.org.

But Domain-name Squatters are registering Google related domain names in the hope that either Google will buy them back or another speculator will buy them at a higher price.

A simple misspelling of Google’s domain name could lead to a Web surfer’s worst nightmare. In a new twist to the old practice of “typosquatting,” virus writers have registered every possible variation of google.com to take advantage of any users who mistype the spelling of the google.com URL.

The whois database reveals that the largest gooo…ogle.com domain name has the letter 'o' repeated 59 times. Infact, cyber Squatters have registered all variations of domain names that rhym like google.com See the complete list of domain names below. Some of them are owned by Google Inc.


According to F-Secure’s alert, the attack scenario also includes a separate Trojan dropper that copies itself to the Windows System folder with a random name and drops a DLL that modifies the HOSTS file to block connection to several anti-virus Web sites.

Another executable also drops a DLL file into the Windows System folder and prompts a fake virus alert on a desktop. The fake alert warns the user about a computer infection and prompts the user to yet another malicious site promising virus protection.

The Web site offers links to several different sites offering anti-virus and spyware cleaners for download. Those downloads all turn out to be a “toolbar.exe” file that is actually an adware installer, which installs a spyware toolbar known as “Perez,” F-Secure said.

No comments:

Post a Comment