What happens to Your Computer if you Mispell Google.com
That’s for real people. Don’t try this at home! Leave it to the professionals.
The attack surface of WEB technologies has dramatically increased over the past couple of years. It is not only about WEB Applications anymore. Today we learn about client side security which also plays a big part in the WEB security game.
This footage, although a little bit dramatized, is not that far from the truth. If you go on-line with unprotected browser it is almost guaranteed that you will get hacked in a matter of hours. Exploit code for various IE and FF bugs is easily accessible on the net today. With a few modifications, this code can reach a user base greater then any worm has ever achieved. That’s mainly because WEB technologies are highly accessible. Think about it: RSS feeds, splogging, AJAX worms, dark SEO…
Let’s image for a second what the impact would be if the Sammy worm was shipped with the infamous IE VML exploit for example. Here is what Sammy is saying about his worm:
I have hit 1,000,000+ users. In less than 20 hours, I’ve hit over 1/35th of all myspace users. Every request is from a unique, living, and logged in user. I refresh once more and now see nothing but a message that my profile is down for maintenance. I messed up… I’ll never get caught. I’m Popular.
1,000,000+ users in less then 20 hours. That’s something. Even if only 1% of them are visiting MySpace with vulnerable IE, we are already talking about 10,000 users. That’s about the average botnet size, as reported here:
In its latest annual Internet threat report, Cupertino, Calif.-based security giant Symantec Corp. reported that the average botnet size was around 10,500 machines. Washingtonpost
We all know that the number of vulnerable IE browsers visiting MySpace is much higher.
Where does this leaves us? Well, security professionals like me and you are still fighting on the front line. Sure, we disclose dangerous attack techniques that can be used for bad purposes, but this is done on purpose. What you see on GNUCITIZEN is a portion of what is available today. Don’t make false assumptions. Be always prepared.
trackbacks
- Myspace Codes » Blog Archive » What happens to Your Computer if you Mispell Google.com
- Kim Cameron’s Identity Weblog » Scary phishing video from gnucitizen
- links for 2007-01-21 » Missis Notizblock
- What happens to your computer if you mispell Google.com? at semanticpool :: thoughts
- Blog University Library RUG » Blog Archive » Mispell google
- Il Blog di Tondo » Blog Archive » Don’t mispell Google.com
- å¤§ç ²é–‹è¬› » Blog Archive » 拼錯 Google,會怎樣呢?
comments
Fell down laffing :) That’s the funniest vid I’ve seen in ages!
“mispell� NICE ONE LOL
You are kidding of course, right? Stay unpatched and you deserve to be hacked regardless of the platform you’re using.
And back to our regular program…
Very cool video, but now i’m afraid of using the internet. ;)
Thanks pdp for your work.
thanks man, I am glad that u like the stuff that we talk about here
Nothings happen when i go to http://www.goggle.nl/
i think this is a joke
Why goggle.nl? Try goggle.com!
OMG that computer got *** a thousand times but that only works with IE not firefox right? has anyone been brave enough to try it with IE?? just to see if its true…
Bob, try installing XP on a test computer (without patching it), and go to goggle.com using IE 6 running with administrative privileges and tell me what happens. :-D lol
pdp, keep the funnies coming!
I only had a WinXP SP2 vm laying around. There are no patches beyond the default SP2 install CD install. Sorry to disappoint, but it didn’t work for me. That means IF it is using any exploits they can not have been released in the last year or so. Yes the site hosts pop-up ads, and after I said to allow all popup ads from the site I got ONE, but nothing else happened. It’s possible when the video was made that one of the ads itself was hosting malicious content, but still… someone else needs to actually try and verify this since I doubt it very very much (I’m not saying there aren’t sites out there like that, it’s my job to find them, I’m just saying that this is just normal typo-squatting by a normal ad service)
bobdole, you might be right. As far as I know this footage was circulating the net for quite some time now. I am not sure how old it is neither whether it is real or not. However, it depicts something that is absolute possible.
Nice video :-).
It’s all about Windows and IE.
And guys try to not misspell google.com. For example, I use google.com.ua and usually use my internal Mozilla’s search functions (with selected Google search engine).
And by the way, pdp, “misspell” with double “s” ;-).
P.S.
Gnucitizen.org has performed an illegal operation and will be shut down.
:-D
This article actually brings up a few good points, which goes beyond just ensuring your browser is patched.
It only proves the point: No matter how far you go out of your way to make something idiot proof, someone will find a way to build a better idiot.
Mistyping a url can be a disaster for anyone who isn’t paying attention to what they are doing. Imagine having to make a payment online. You’ve procrastinated to the last moment. Instead of using the computer at home where you have it bookmarked, you use the computer at work. You casually type in the url and wha-la the familar page pops up and you type in your information, enter your payment and press enter. A few seconds later you get a confirmation screen or not… it doesn’t matter… you already sent your data to the wrong url which you mistyped.
It was quite easy for someone at http://www.myban.com to copy the data from http://www.mybank.com to his url. He only needs to be successful once.
As security professionals, we need to try to protect our users from malicious websites as well as our systems. This has a double affect though, since many of these malicious sites, will also try to send something back into our systems with the user.
What can we do? Usually the best angle of defense here would be with a proxy server. Collect a list of most frequently hit web sites, then come up with some common mis-spellings for each. Simply block at the proxy server. Looks like you’ve already learned Google mis-spellings is a good start!
One last hint: If you want to be a Spelling Nazi. Ensure your grammar is top notch. Things like… not begining a sentence with the word, “And” or misusing a comma. Might make you look bad!
Does anyone know who created this video?
Sorry MP, I cannot help you.
It showes it ones again, don’t go surfing with Microsoft Products!
Video is not accessible anymore? Are there any other sources to view it from?
Google remove the video a couple of times. I keep updating this page for that reason. I guess someone still has it on youtube.com. Let me know if you find it.
Is it this one ?
http://www.youtube.com/watch?v=MjbKmw4tK8c
cheers man, awesome…
lol…glad I’m on linux