Nmap Development mailing list archives
Malware "Nmap Conficker" links in Google
From: Fyodor <fyodor () insecure org>
Date: Tue, 31 Mar 2009 03:44:20 -0700
For a while on Monday, the top links for an "nmap conficker" search on Google were malware sites themselves! I guess the scammers somehow realized it was a popular search query and latched on. Here are some articles about the situation: http://countermeasures.trendmicro.eu/poisoned-downadconficker-removal-searches/ http://www.theregister.co.uk/2009/03/31/conficker_search_scam/ I verified this on Monday afternoon when I saw people tweeting the issue. It is amazing how scummy some people can be! Fortunately the top results are now pretty clean. I don't know if it is because Google kicked off the SEO scumbags or because there are so many legitimate news stories that the booby-trapped links can't compete for high rankings any more. If there is any bright side to this sordid tale, it is that enough people were searching for Nmap's Conficker detection that the scammers bothered to hijack the term. Thousands of people really did find Nmap useful on Monday to help secure their networks from Conficker infections! That alone justifies all the last minute efforts and late night several of us put in on Sunday to get it ready! Cheers, -F PS: The list serve seems to have finally caught up with all the traffic. No more lag on nmap-dev! _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Malware "Nmap Conficker" links in Google Fyodor (Mar 31)