Google Removes Malicious Sponsored Links

Dennis Faas's picture

Google has removed the sponsored links that had been manipulated to divert users into installing malicious software.

By clicking on the link, users would eventually go to a legitimate site, but would first be diverted to another site that attempted a "drive-by installation" of password stealing software. (Source:

"Google identified and canceled AdWords accounts displaying ads that re-directed users to malicious sites," a Google representative wrote on the corporate blog. (Source:

The culprits engineered the debacle by taking advantage of a unique characteristic of Google sponsored links. When a viewer scrolls the mouse over any normal hyperlink, the name of the website that the user will be redirected to appears in the bottom left corner of the browser. However, scrolling over a sponsored link does not show anything in this area. This enabled the offenders to hide where visitors were first taken. (Source:

The infected sponsored links included websites such as, the official website of the Better Business Bureau. Before users were taken to the site, they unknowingly visited the website, which carried out the malicious code.

Roger Thompson of Exploit Prevention labs said that the group "detected about 20 different search strings that resulted in links to There were multiple ads linking to a single site, a high level of planning, and cunning by the bad guys." (Source:

While the incident sure is disheartening to countless Internet users, Google has tried to ensure users that the matter will be dealt with properly.

"Google is looking at its AdWords practices to prevent similar incidents in the future," the company said. "This is an issue we've taken very seriously and will continue to monitor. We are also evaluating our systems to ensure that the appropriate measures are in place to block future attempts." (Source:

Rate this article: 
No votes yet