Google.com Vulnerability that bypasses anti-virus

Still not exactly sure how the user gets hit?

I don’t use Google, other than a Gmail account I rarely use and gets almost zero mail.
I rarely use chrome except to access my Gmail account

I don’t use any checkout service or wallet
 
My understanding is if someone uses the google.com search site to search and find a website that is where it happens.

And it could happen from any browser that the user uses google.com to find a website.

1750548146216.png
 
wittaj said:
My understanding is if someone uses the google.com search site to search and find a website that is where it happens.

And it could happen from any browser that the user uses google.com to find a website.

View attachment 223094
Click to expand...

I'm not seeing that?
Just use Google to search and BAM your infected?

I dont think its that simple

*Note I dont use Google at all. I use Bing for search. I avoid Google like the plague
 
I would think if you use the google search and then CLICK on the search results. I search for ipcamtalk, it gives me ipcamtalk.com but the virus is injected into that clickable search result.
Kind of a man in the middle attack.
 
  • Like
Reactions: bigredfish
bigredfish said:
I'm not seeing that?
Just use Google to search and BAM your infected?

I dont think its that simple

*Note I dont use Google at all. I use Bing for search. I avoid Google like the plague
Click to expand...

It could happen to any search engine or any site really.

I alluded to this in this thread where someone was so worked up about the Dahua plug-in and I suggested that they are uncomfortable with that yet blindly accept hitting in a login button that could be compromised and why we shouldn't let our cameras on our network. I said in that thread:

"How do we know that by typing in your username and password and hitting the "login" button that you are not behind the scenes granting that firmware access to an exploited vulnerability of the web browser or blindly allowing it to bypass anti-virus software and infect your computer, similar to mistakenly hitting a malware link on a legit website that infects your computer. Hitting that login or Save or Refresh button could be the same as clicking on an ad on a porno site that infects your computer."

This vulnerability is even worse than I suggested in that it can be generated just be which search engine someone uses and won't be long before someone figures out a way to exploit typing in a website directly instead of using a search engine.

Sometimes even the best precautions can still be exploited.
 
  • Like
Reactions: bigredfish
You must log in or register to reply here.
Top Bottom