Thousands of sites are reported to have been compromised by PHP code injection, redirecting users to fake antivirus applications, writes Internet Storm Center researcher Bojan Zdrnja.
“For last couple of weeks we received quite a bit of reports of images on Google leading to (usually) FakeAV web sites.
Google is doing a relatively good job removing (or at least marking) links leading to malware in normal searches, however, Google’s image search seem to be plagued with malicious links. So how do they do this?”
Google says it is aware of the problem, and is making an effort to detect malicious pages.
Read more: http://isc.sans.edu/diary/More+on+Google+image+poisoning/10822