
Team Think

David Greenfield

Google Toolbar: A New Malware Threat

By David Greenfield | December 20, 2007, 4:12am PST

Now there’s another source of potential malware to worry about. A researcher has released code that shows how a hacker can use the Google toolbar to get users to install malicious software or expose themselves to a phishing attack by installing a new toolbar button.

The report from the TrendLabs Malware blog says that the attack uses a “…specially crafted link to that refers to the button’s XML file, which when clicked displays a dialog box summarizing the details of the button to be installed.” The hacker manipulates the URL shown in the dialog so that it appears non-malicious by adding special redirector strings. This increases trust and improves the likelihood that the user will click on the link. Once the button is installed, the user must click the link to install the malicious code or launch a fake log-in process.

According to the report, Google classifies the attack as non-critical due to the steps required for its execution. Google is said to be looking at a way to fix the bug.

The attack affects Google Toolbar 4 for Internet Explorer and Firefox as well as Google Toolbar 5 for IE.
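
The attack relies on a link whose displayed host looks trustworthy while redirector strings inside it point somewhere else. As an added example (not from the article or the TrendLabs report), this Python check unwraps URLs nested in query parameters and flags links whose displayed host is trusted but whose embedded target is not. The hosts and parameter names are constructed, since the page does not give the real link format.

```python
from urllib.parse import urlsplit, parse_qsl, unquote

MAX_DEPTH = 4  # stop unwrapping after this many nested redirectors

# Constructed sample links (hypothetical hosts and parameter names).
SAMPLES = {
    "plain": "http://trusted.example/buttons/add?url=http%3A%2F%2Fwww.trusted.example%2Fb.xml",
    "redirector": "http://trusted.example/r?to=http%3A%2F%2Fother.invalid%2Fb.xml",
    "double_encoded": "http://trusted.example/r?to=http%253A%252F%252Fother.invalid%252Fb.xml",
}


def _host(url):
    """Lower-cased host of an http(s) URL, or None if it is not one."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return None
    return host if parts.scheme in ("http", "https") and host else None


def _nested_urls(url):
    """Yield query-parameter values of `url` that are themselves http(s) URLs."""
    for _, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        # parse_qsl decodes once; decode again to catch double-encoded targets.
        for candidate in (value, unquote(value)):
            if _host(candidate):
                yield candidate
                break


def host_chain(url, depth=0):
    """Displayed host followed by the host of every embedded redirect target."""
    host = _host(url)
    if host is None:
        return []
    chain = [host]
    if depth < MAX_DEPTH:
        for nested in _nested_urls(url):
            chain.extend(host_chain(nested, depth + 1))
    return chain


def is_disguised(url, trusted):
    """True when the displayed host is trusted but an embedded target is not."""
    def on_site(h):
        return h == trusted or h.endswith("." + trusted)
    chain = host_chain(url)
    return bool(chain) and on_site(chain[0]) and not all(map(on_site, chain[1:]))
```

A mail or proxy filter can run `is_disguised` over links before they reach users; a hit means the host a user sees in a confirmation dialog is not where the content actually comes from.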


David Greenfield is the principal in STAnalytics, a global technology-marketing consultancy where he advises enterprises on emerging technologies. He primarily functions as the product marketing manager at Silver Peak Systems.

Disclosure

Dave Greenfield

Much to the chagrin of his clients (and his wife), David Greenfield remains an independent thinker to a fault. Little wonder he's strongly considering an investment in the Trojan body armor. His firm, Strategic Technology Analytics (STAnalytics), provides independent content, insight and analysis to many companies. Current and past customers of his that may or may not be covered in the TeamThink blog include: Audiocodes, Infoblox, Objet Geometries, On-State Communications, Phone.com, Silver Peak Systems, Skype, and Spigit. He currently holds stock options in Silver Peak Systems.

Biography

Dave Greenfield

David Greenfield is the principal in STAnalytics, a global technology-marketing consultancy where he advises enterprises on emerging technologies. He has spent the past 20 years analyzing virtually every area of networking technology. His work has appeared in leading technology publications such as PC Magazine, Network Computing, IT Architect, and Data Communications, in the past 10 years focused on real-time social software. He has consulted to and assisted Fortune 500 enterprises in their technology acquisitions. He was the editor and a blogger at Network Computing and today works as the product marketing manager at Silver Peak Systems.

Talkback Most Recent of 9 Talkback(s)

  • Due to the potential of attack
    a number of Google apps aren't installed on end-user PCs at work, not because they were at the time a threat, but just due to its growth, its potential misuse and misplace in the workplace, the toolbar itself seemed more hassle than help anymore.
    Boot_Agnostic
    20th Dec 2007
  • Google Toolbar
    I absolutely agree with Boot_Agnostic.
    C4Ever
    20th Dec 2007
  • No Problem
    Unless one uses Microsoft, this is no problem, right?
    epcraig
    21st Dec 2007
  • After Secunia issued a warning to remove...
    the Google toolbar 3.x, I tried to do this and found out it is impossible to do this. I followed every advisory and source I could find for Windows IE 7 and none of the workarounds did any good. I finally simply deleted the execution file out of pure frustration. But I left the newer ones there out of fear I would foul up my browser installation.

    I now want to get rid of all Google tool bar remnants in my system and there are no instructions anywhere on how to do this safely; and that actually do remove the toolbar.

    And don't tell me to go to Add-Remove programs as it is not listed there! I've been there and done that and more; and those solutions don't work. In fact they don't even disable the tool bar.
    JCitizen
    21st Dec 2007
  • You can get rid of...
    You can get rid of the BHO using Windows Defender, or any of several other tools that list Browser Helper Objects installed on the system.
    Dr. John
    21st Dec 2007
  • Thanks for the rep Doc but that doesn't work..
    I don't completely understand the search bar in the header of IE 7; but I assumed I never had the Google bar until Secunia's PSI found the files and warned about end of life status. When I searched this file I found execution files for versions 3, 4, and 5.x.

    Perhaps these files are only used if you pick Google as your homepage; but my firewall had been reporting that Google's notification script was constantly contacting Google to check for toolbar hijacking. This and the information from PSI (Personal Software Inspector) make for a lot of confusion; especially on the warning messages that indicate google tool bar IS installed when it supposedly is not.

    Very confusing!
    JCitizen
    21st Dec 2007
  • All toolbars are bad
    I have recently built a system myself so I had total control on what is installed; I have none of the cr*pware that usually comes with a retail PC such as Dell and HP; it is surprising how much better it runs. Those toolbars don't add enough value to be worth installing. After all, it is little more than a Google ad sitting on top of your browser every time that you start the browser, isn't it?
    balsover
    21st Dec 2007
  • Works Fine for Me
    Using OS X 10.4.11 Tiger.

    In addition to a search of my computer, applications can be started by as little as four keystrokes or about half a second. This is faster and easier than a mouse.
    msackett
    23rd Dec 2007
