Gray Powell and the lost iPhone, and malware

In case you didn’t hear about it already, the story of the day is Gray Powell and the lost iPhone. So I searched for him on Google.

I was really surprised to see that 4 out of 10 results from Google’s first page were links to malware.

If you click on any of those links, here is what you get:

And then you receive the classic ‘Your computer is infected‘ window that proved to be so lucrative for malware writers. The window looks like a real Windows application and many people get confused and run the malware.

I’ve downloaded and scanned the malware on virustotal.com. Here is the report. Basically, only 10 from all 41 antiviruses from VirusTotal detected the malware. That’s only 24.4%, a pretty low detection rate for a malware that appears on the first page of Google results for a hot topic. I think many people already got infected by this.

The malware writers are pretty inventive, I think they’ve made an automated tool that automatically reads Google’s Hot Trends page or Twitter’s trending topics and generate pages containing malware with those terms/searches in the title and some description around it. Gray Powell is #13 on Google’s Hot Trends page right now.

It’s a very dangerous technique and I think Google should do something about it, otherwise a lot of people will get infected.  Lately, Search Engine Optimization is being widely used for distributing malware.  So pay attention before you click any of Google’s results.  Don’t just read the page title and description, but also check the URL!

Share this post

Leave a Reply

Your email address will not be published.