.

Healthy Passwords

.

.

Google Images Malware

Date: 2011-05-09 11:39:04

Several news agencies have reported Google images installing malware. This doesn't mean Google is trying to infect your computer. It means that criminals have figured out a way to distribute malware using compromised websites and Google. The best explanation of this is from Brian Krebs. You can read the article at krebsonsecurity.com.

The article may be confusing for non-technical people, so the best thing to take away from it is just stay away from Google images until Google gets this under control. If you click on an image and a virus scanner pops up, turn off your computer. You want to be sure it doesn't just hibernate or sleep. You can turn off you computer by holding down the power button for a few seconds until it turns off. Any unsaved work will be lost if you do this. You can try saving unsaved work by holding down ALT and pressing TAB until the program with unsaved work is in focus.

This same technique may be floating around more places than just Google images. Right now the safest way to protect yourself is to do all your web browsing using live-cds. For most people, live-cds are impractical for all but the most sensitive browsing. To learn more about Live-CD use, see Healthy Passwords - Bonus Materials - Live CD Distributions

The next best thing is to use Firefox 4 with an add-on to choose when javascript is allowed to run. Do the following:

  1. Download the latest Firefox browser from mozilla.org.

  2. Add the No Script Addon

  3. Install Qualys Browser Check. This is a utility that keeps your browser patched with the most important third-party security updates. You can learn more about this at Healthy Passwords - Patching Populate Software Vulnerbilities

If you did this properly, the first time you run Qualys browser check you will get an error saying javascript is disabled. This is good. It confirms you did the first and second steps correctly. Select the option to allow java script After updating everything cautiously proceed to google images. Try to refrain from Bin Laden or Charlie Sheen types of images, as they are the most likely to be trouble right now.

Update 5/18/2011

Sophos.com just posted this video showing how a bad google image can translate to problems for OS-X users. For the full article, go to Sophos Article on Fake AV and OS-X

Category: Malware

Subcategory: Website

McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

 Subscribe in a reader

.

Leaf

Leaf

Home | Live CD Listing | Password Worksheet | Third Party Ratings | Purchase | Errata | Contact | News | News Archive | Legal

Copyright © 2011, Sustainable Alternatives, LLC | Ligonier, PA 15658 | 724-238-9560 | All Rights Reserved.

 Sustainable Alternatives, LLC BBB Business Review
Leaf

.

Leaf