New worms appear to attack Google

A new pseudo-worm into the free version of Lucasfilm's game Knights of the Old Republic II has the ability to switch users from Google to a similar page.

Discovered by PandaLabs and named P2Load.A, the worm is spreading on P-to-P peer sharing programs like Shareaza and Imesh, according to Forrest Clark, Panda Software's business executive. P2Load.A began to spread on Wednesday and is expanding the scope of influence in the US and Chile, Clark added.

When infected, P2Load.A will re-edit the archive file, when the user accesses Google, it will switch to another page that is exactly the same as Google but not provided by Google, which is hosted on a server located in Germany. When a user continues to perform a search on this fake site, the results will be returned to include sponsored links created by the author of the worm, in order to increase the number of visits to these websites.

The fake page is considered a copy of the Google search engine for almost identical search results to Google. But different in sponsored links. Clark explained: 'They changed all the ads on Google using AdWords services, and also changed some search results.'

Even if users mistyped the address www.google.com, it will automatically transfer them to the fake site, and on this page also supports languages ​​like Google.com.The author of P2Load.A can also use his work to perform other phishing sites for phishing.