blob: 386251ffd3bff16c6b15b466fbaa91ac7b544bab (
plain)
1
2
3
4
5
6
7
8
9
10
11
|
According the security firm Fortinet, Google's [Blogger.com is being used extensively in both phishing attacks and to propagate malware][1]. In some cases the traffic to the sites is being driven by "a variant of the Stration mass mailer" worm a Fortinet security notes warns.
One example listed in the security bulletin is a malicious script from "Pharmacy Express," which advertises Viagra and Valium but actually tricks victims into giving up personal and medical information to the fraudulent site.
Other examples are even trickier including a Blogger.com site, which purports to be created by a Honda CR450 enthusiast, that infects visitors with the Wonka Trojan. Naturally the trojan doesn't load from Blogger itself, but, according to Fortinet, is hosted on a web site hosted in Russia.
A Google spokesperson told CNet, "We are investigating and blogs found to include malicious code or promote phishing will be deleted."
This is hardly the first time scammers have used a large social networking site to nefarious ends, both MySpace and YouTube have also been hit in recent months, and I think it's safe to say that this sort of scam will grow even more common as social networking sites continue to go more and more mainstream.
[1]: http://www.fortiguardcenter.com/advisory/FGA-2007-04.html "Malicious Code Appears on Blogger.com"
|
