Hi malware fighters,
Through a vulnerability in the cache functionality of larger search engines like Google, MSN Live and Yahoo! the security of websites is not being checked upon. Webpages are saved together with embedded scripts and HTML-code, that could be malicious. Allthough the website has been upgraded to get rid of the malware, the older version of the site can still be cached.
Even when websites have been deleted or blocked by an URL-filter or placed on a ISP blacklist, even then the cached site can be fully accessible. Users just have to click the link 'in cache' on a page with search results, as warns Alladin's Content Security Response Team.
Malcreants can perform phased attacks through which links, autonatic pop-ups or invisable frames with malicious code of the page are being loaded into cache memory. In this way they can circumvent URL-filters that do not block Google-pages for instance. The vulnerability was found during analyzing a hacked website, where the malicious content could still be reached through the cache memory of search engines and so was still active. When clicking a cache link better first scan with DrWeb's hyperlink av scan add-on.
polonus
