Search engine virus on prowl in Indian cyberspace
- Kejriwal's detention in Modi land sparks violent clashes between BJP, AAP in three states
- India goes to poll in 9 phases from April 7 to May 12; vote count on May 16
- Mumbai dailies laud Kamat, he denies he paid for the ânewsâ
- Congress bends, âopen to TRS allianceâ
- Mamata Banerjee releases candidates list for LS polls, lists out celebs and statistics
Indian internet systems are under a spam attack that "hijacks" search engine requests leading to slow browsing and opening up of suspect websites, the country's premier cyber security agency has warned in its latest advisory.
A trojan virus called 'Bamital' has been detected in the country's internet network, Computer Emergency Response Team (CERT-In) said in its advisory to internet users.
"It has been observed that Trojan Bamital is propagating widely. Bamital is a click-jacking trojan which modifies the search results and redirects users to advertisement links.
"Bamital is a malware designed to hijack search engine results," the advisory said.
Clicking on any of the displayed search results redirects users to an "attacker controlled command-and-control server (Bamital server)," it said.
These Bamital servers, the advisory added, then connect to the advertisement server and redirect the search results to websites of the attackers' choice. It has the ability to click on advertisements without user interaction.
The result is poor user experience after clicking on search engines along with an increased risk of further malware infections, the security agency said.
"If the Bamital servers are unable to serve customised website, tainted search results will be displayed to user's browser.
"Bamital also intercepts web browser traffic and prevents access to certain security-related websites by modifying the Hosts file," it said.
The agency advised internet surfers to deploy trusted anti-virus mechanisms for combating this malware.
"Bamital has primarily propagated through drive-by-downloads and maliciously modified files in peer-to-peer (P2P) networks. Users impacted by this botnet,
will be notified the next time they try and run a search using their preferred provider. Infected computers will be redirected to a Microsoft website," the advisory said.
The CERT-In has advised certain countermeasures like keeping the anti-virus and anti-spyware signatures at desktop and gateway levels up-to-date; enabling firewall and not following unsolicited web links or attachments in email messages.
- New police chief says smooth polls his top priority for now
- Battleground ready, tough fight on cards in Pune
- Gadkari visits PU for cultural event, crowd gets out of control
- Govt vehicle hits two visually impaired students
- Ecclestone rules out Indian GP in 2015
- Captain Vidic abandons sinking ship at Manchester United, to sign for Inter Milan