Avast WEBforum

Other => General Topics => Topic started by: polonus on July 10, 2006, 09:50:23 PM

Title: They google for good & google for bad
Post by: polonus on July 10, 2006, 09:50:23 PM: Hi malware fighters,

Malware launchers use Google to search for "signature 00004550" and this gives result pages with various links to executable files of malware. This because Google is indexing a file and parses the PE extention of the executable as the signature "4550"a NT signature for valid Win 32 PE files. In this way thousands of malicious binairies can be found. Time for Google to obscure this.
Source: Security NL

polonus
Title: Re: They google for good & google for bad
Post by: bob3160 on July 11, 2006, 12:02:29 AM: Sometimes these things are just posted to arrouse a fear factor.
Here's just one answer to this:
Quote
you'd have to be stupid enough to download the exe, then when IE tells you that the exe could contain viruses
(i assume FF does this too) you would have to ignore the warning and run it anyways.

So yeah you're right that most people on the internet should be on the lookout. (ie they are stupid enough to do the above)
You'll find some more Here (http://www.digg.com/security/Google_indexes_.exe_files_-_possible_threat)

SMF 2.0.18 | SMF © 2015, Simple Machines