A huge surge in interest of Conficker has allowed spammers to utilise Google Trends to abuse searched sites.

 

Mary Landesman, senior security researcher at ScanSafe, claimed that media coverage of the Conficker worm has led to a somewhat ironic development as it caused people to search for terms such as ‘Conficker' or ‘virus April 1'.

 

Landesman claimed that by using Google Trends and other keyword popularity reports, attackers are able to quickly gauge interest levels in a certain subject, and then leverage the current interest levels in a given topic to quickly push links pointing to malware whenever searches on that topic are performed.

 

Google Trends showed a huge surge in the search for Conficker, beginning on Sunday 29th March and rising rapidly on Monday and Tuesday. The most searched terms in association with Conficker were ‘worm', ‘virus Conficker' and ‘virus' while the most searches came from Canada, the US and Indonesia.

 

Landesman said: “Attackers have been spamdexing those keywords so that links returned by the search engines for those keywords are pointing to malware. This is unfortunate. Erroneous reporting of threats, i.e. crying wolf, can result in a loss of credibility and a lack of faith in security vendors.

 

“But in this case, the erroneous reporting has a further consequence - the interest raised is actually putting users at greater risk of infection from other malware.”