Security vendor Websense has warned that Google’s website hosting service is being used by hackers to try to steal money using a malicious program.
Websense suggested that a Trojan horse is being hosted on a site with the same IP address as the main Google Pages website, at http://googlepages.com.Users are enticed to open attachments or click on web links to launch the Trojan, releasing malicious code on their computer.
The Trojan, also known as a keylogger for its ability to record keystrokes, is programmed to know when a user visits a bank site and to then activate the keystroke recording function, said
a Websense manager.
The Trojan appears to have been noticed before its authors managed to launch an attack, Websense said, because it has not yet detected emails or Instant Messenger links leading back to the Trojan, which is designed to steal bank details and which has had its file size reduced using a file compression tool.
Google Pages is the hosting complement to Google Page Creator, a free WYSIWYG Web page offering numerous templates and 100Mb of storage for uploaded files and pages.
Now Google’s big and influential enough, it should expect a few more of these threats. Microsoft can tell it all about them.