The most dangerous celebrities to search for in 2009

The most dangerous celebrities to search for in 2009

Summary: Searching for which celebrity has the highest probability of tricking you into visiting a malware-friendly web site?Last year it was Brad Pitt, but according to this year's McAfee report "Riskiest Celebrities to Search on the Web", it's Jessica Biel related searches that have "one in five chance of landing at a Web site that’s tested positive for online threats, such as spyware, adware, spam, phishing, viruses and other malware".

SHARE:
7

Searching for which celebrity has the highest probability of tricking you into visiting a malware-friendly web site?

Last year it was Brad Pitt, but according to this year's McAfee report "Riskiest Celebrities to Search on the Web", it's Jessica Biel related searches that have "one in five chance of landing at a Web site that’s tested positive for online threats, such as spyware, adware, spam, phishing, viruses and other malware".

Just like previous editions of the report, the latest one has also excluded the dominant adult content theme, as well as the fact that static lists of dangerous keywords to search for are long gone from the arsenal of the experienced blackhat SEO campaigner. In 2009, cybercriminals enjoy the benefits of the real-time Web at its best, by dynamically serving malware based on trending topics, or occupying as many keywords as possible through blackhat SEO (search engine optimization) tactics.

A good example of the current situation is an ongoing malicious campaign abusing Digg's high page rank, which is redirecting to scareware-serving sites by hijacking keywords related to any of the top 15 celebrities listed in McAfee's report.

Taking into consideration Digg's high page rank and the near real-time crawling of Digg submitted content, cybercriminals are systematically abusing major Web 2.0 services in order increase the visibility of their malicious content. Moreover, not only are they diversifying the themes, but also, by abusing multiple Web 2.0 services there are instances where the first 10 search results for a particular keyword are all populated by malicious sites part of a single campaign.

The bottom line is that any celebrity related search can lead to a malicious site depending on the momentum of a particular campaign, or the type of theme the cybercriminal chose to use. Therefore, relying on static lists for potentially dangerous keywords is unrealistic in a cybercrime ecosystem that's taking advantage of the traffic peak momentum in real-time.

Topics: Security, Browser, Malware

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • In 3... 2... 1... (nt)

    .
    NonZealot
  • RE: The most dangerous celebrities to search for in 2009

    This is nothing new. If I type in "lesbian porn" I get a number of virus riddled sites. Criminals have a new playground and it is the internet plain and simple
    freebird1974
    • You don't talk about ...

      Now I just had to search for "lesbian porn".
      Ronny102
  • RE: The most dangerous celebrities to search for in 2009

    Within a year, software will be widely spread which monitors most popular search terms dynamically in near-real-time.

    Lists such as this will be obsolete and nearly useless.
    wizoddg
  • RE: The most dangerous celebrities to search for in 2009

    The reason some websites have malware is the lack of
    effort in preventing that malware. Both by the site
    owners and the various media and anti-virus companies
    that only report instead of acting to eliminate the
    threats.
    shanedr
  • RE: The most dangerous celebrities to search for in 2009

    Judging by some of the "headline malware" we've seen, and search engine SEO we've observed, malware writers are using automated methods to take advantage of the latest news headlines.

    Jessica Biel may be the current champ for "most dangerous celeb to search for", next week it could be someone else. So, in the very end it's more important to practice safe browsing than to avoid searching for certain individuals.

    When the death of Michael Jackson hits the newswires, it took mere hours before malware and spam start to hit users inboxes: http://www.sophos.com/blogs/gc/g/2009/07/01/michael-jackson-emailaware-worm-hits-inboxes/ So, as Dan mentioned, it is dangerous to rely on static lists for avoiding malware. Safe browsing practice is much more important.

    Savio Lau, SophosLabs
    savio.lau
  • RE: The most dangerous celebrities to search for in 2009

    Great!!! thanks for sharing this information to us!
    <a href="http://www.yuregininsesi.com">seslisohbet</a> <a href="http://www.yuregininsesi.com">seslichat</a>
    birumut