Search engine virus on prowl in Indian cyberspace
- Top BJP ministers attend RSS meet, Opposition questions govt's accountability
- Bharat bandh: Violence, arrest, chaos; one-day strike a 'grand success'
- Indrani, Peter brought face to face, questioned extensively; Sanjeev Khanna's laptop seized
- OROP: Veterans soften stand, may accept pension revision once in two years
- Govt to auction 69 oil & gas fields of ONGC, Oil India to private firms
Indian internet systems are under a spam attack that "hijacks" search engine requests leading to slow browsing and opening up of suspect websites, the country's premier cyber security agency has warned in its latest advisory.
A trojan virus called 'Bamital' has been detected in the country's internet network, Computer Emergency Response Team (CERT-In) said in its advisory to internet users.
"It has been observed that Trojan Bamital is propagating widely. Bamital is a click-jacking trojan which modifies the search results and redirects users to advertisement links.
"Bamital is a malware designed to hijack search engine results," the advisory said.
Clicking on any of the displayed search results redirects users to an "attacker controlled command-and-control server (Bamital server)," it said.
These Bamital servers, the advisory added, then connect to the advertisement server and redirect the search results to websites of the attackers' choice. It has the ability to click on advertisements without user interaction.
The result is poor user experience after clicking on search engines along with an increased risk of further malware infections, the security agency said.
"If the Bamital servers are unable to serve customised website, tainted search results will be displayed to user's browser.
"Bamital also intercepts web browser traffic and prevents access to certain security-related websites by modifying the Hosts file," it said.
The agency advised internet surfers to deploy trusted anti-virus mechanisms for combating this malware.
"Bamital has primarily propagated through drive-by-downloads and maliciously modified files in peer-to-peer (P2P) networks. Users impacted by this botnet,
will be notified the next time they try and run a search using their preferred provider. Infected computers will be redirected to a Microsoft website," the advisory said.