Google's image search page is being used by hackers to distribute malware, according to several researchers, according to which, thousands of sites would have been compromised by a code injection that redirects the user to fake antivirus applications. Bojan Zdrnja, a researcher at the Internet Storm Center, explains that attackers are mainly attacking Wordpress sites and injecting PHP code that generates pages with images based on highly sought-after content. Google then indexes these pages and the images are displayed as a result of your image search.
Those users who search for images can be easily redirected to those fake antivirus sites thanks to Google displaying the images, Zdrnja explains in his blog. At least 5,000 pages would have been compromised and Google could have served up to 15 million monthly impacts of these malicious pages.
Full content in CSO Spain
