Stay away from Googkle.com !

By Derek Sooman on April 28, 2005, 1:16 PM
Next time you are heading off to Google to do a spot of searching the web, just make sure that you type that URL in correctly - one false move could see you winding up with Trojan droppers, downloaders, backdoors, spyware and all sorts of other nasties.

In the proud tradition of "typosquatting," malicious persons have set up a site, googkle.com (don't go there!) that is completely rife with all sorts of cyber badness. The trap (as I am sure you have by now no doubt worked out) is that when you accidentally mistype the additional "k" (next to "l" on the keyboard) you wind up at the horrible site and present yourself for various forms of infection. Don't some people have anything better to do than spend their time thinking up sad rubbish like this? Seemingly not.

When googkle.com is opened in a browser, two pop-up windows are immediately launched with redirects to third-party sites loaded with scripts. One of the sites, ntsearch.com, downloads and runs a "pop.chm" file, and the other, toolbarpartner.com, downloads and runs a "ddfs.chm" file, F-Secure said.

"Both files are downloaded using exploits and they contain exploits themselves to run embedded executable files. One of the Web pages of the 'toolbarpartner.com' website downloads a file named 'pic10.jpg' using an exploit. This JPG file is actually an executable that replaces [the] Windows Media Player application," the warning reads.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.