After bugging a friend of mine inside “the Industry” for the past couple of weeks, he has finally given in and sent me a copy of the Lost series finale. It’s a long video at 2 and a half hours but it was great to see things wrapped up from the last six years. Lost changed TV forever and while it’s sad to see it go, it’s so relieving to finally have resolution. The last episode called “The End” in a spoiler-free description is momentous. My head is still spinning trying to unravel it all and make sure I caught all the easter eggs. In fact, I’m dying to discuss it with others so I’ve uploaded the video and made it available. It might only be less than 24 hours at this point after being advertised all season, but it was still worth it.
You can download the series finale of Lost from here.
And if you clicked on that link, we’d have a Blackhat SEO poisoning attack (although the link is perfectly safe, annoying, but safe).
SEO stands for Search Engine Optimization. It’s a method of trying to get a page to the top of the search results for certain keywords in Google, Yahoo!, Bing, or any other search engine. There are two distinguishable types of SEO attacks at this point in time. An SEO Poisoning attack is a method of malicious hackers using cross-site scripting or other methods to get inside of an already popular website. Once inside, they would insert code in the page that would automatically redirect traffic to a malicious page like a FakeAV site.
The other form of SEO poisoning is called a Blackhat SEO poisoning attack. A blackhat SEO poisoning attack doesn’t start from an infected popular site instead it tries to make a new popular site. It does this by gaming the search engine’s into faking its content and telling the search engines exactly what they want to hear so they make that site a highly ranked or even top search result for the popular keywords. You will frequently see Blackhat SEO poisoning attacks if you click on many of the top trends in Google Trends, which I’ve previously written about.
Tonight, many of the Top Searches in Google Trends are related to the Nascar All-Star Race 2010. I have no doubt that tomorrow the Lost series finale will most likely be filling a number of the Top Searches and with it, some of them will be malicious or exploited sites. It’s important that you click only on search results that you trust and be aware of the possibility of SEO poisoning that can lead you to malware.
Just as there are many attempts at Blackhat SEO poisoning, there are a number of good resources to read about them. Many of the popular security software blogs have reported about poisoning in the past including several recently.
(Image courtesy of WebSense)
There was no shortage of blackhat SEO campaigns this month. Bad guys continue to game Google to get their malicious links to rank high on search results for hot topics, such as the Olympics, the Chilean earthquake / Hawaiian tsunami, the Bloom Box breakthrough technology, and Canadian figure skater Joannie Rochette. Clicking on these infected search results would lead to the usual rogue AV malware with low anti-virus detection rates (video). In the case of the earthquake in Chile, the malicious search results actually led to a PDF file.
Stay smart and stay malware-free by understanding how popular topics in search engines can be gamed by malicious people. Software like WebOfTrust and McAfee SiteAdvisor might be recommended as a possible solution as long as you understand that those programs can be gamed themselves (What’s the Harm in McAfee Site Advisor?) and you still shouldn’t let your guard down.
P.S. I’ve never seen a minute of Lost and I don’t have the series finale available for download. Sorry for the deception but I hope it made its point.