Google Wave SEO Poisoning
Threat Type: Malicious Web Site / Malicious Code
Websense Security Labs™ ThreatSeeker Network has detected that Google searches on terms related to Google Wave return results that lead to a rogue antivirus. Google Wave is the much talked-about, latest API hitting the collaboration scene today.
There's a lot of hype about the launch of Google Wave, not only because of the 'new' things it offers but also because Google invited only 100,000 lucky users to test the service. With that said, it's no surprise that users are enticed to this new application. Unfortunately, it's also no surprise that the bad guys are using this hype to manipulate search results.
Screen shot showing affected Google Wave-related Google search results:
Screen shot showing Rogue AV:
Malware sample 1:
14% AV coverage (via VirusTotal at time of writing)
Malware sample 2:
17% AV coverage (via VirusTotal at time of writing)
Malware sample 3:
9% AV coverage (via VirusTotal at time of writing)
Malware sample 4:
21% AV coverage (via VirusTotal at time of writing)
Websense® Messaging and Websense Web Security customers are protected against this attack.