Misspelled URL takes users to malicious web site


Researchers at antivirus company F-Secure have discovered a malicious website that targets users who make a spelling error when they type in

If a user trying to visit the popular search engine accidentally types "," they will open up a malicious web site that attempts to exploit known vulnerabilities in the web browser - mostly Internet Explorer - to drop spyware onto the machine, said Ero Carrera, F-Secure virus researcher.

On its web site, F-Secure urged users to not go to the malicious web site. As of Wednesday afternoon, the site was still up, Carrera said. Researchers have reported the site, which is owned by people with Russian names, to authorities.

F-Secure researchers have seen the technique used before, but usually the spoofed web site aims to make a political statement of some sort, not to install malware, Carrera said.


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.