<p>The Indian internet systems are under a spam attack that “hijacks” search engine requests leading to slow browsing and opening up of suspected websites, the country’s premier cyber security agency has warned in its latest advisory. <br /><br /></p>.<p>A trojan virus called “Bamital” has been detected in the country’s internet network, Computer Emergency Response Team (CERT-In) said in its advisory to internet users.<br /><br />“It has been observed that Bamital is propagating widely. Bamital is a click-jacking trojan which modifies the search results and redirects users to advertisement links.<br />“Bamital is a malware designed to hijack search engine results,” the advisory said.<br /><br />Clicking on any of the displayed search results redirects users to an “attacker controlled command-and-control server (Bamital server),” it said. These Bamital servers then connect to the advertisement server and redirect the search results to websites of the attackers’ choice. <br /><br />It has the ability to click on advertisements without user interaction. The result is poor user experience after clicking on search engines along with an increased risk of further malware infections.<br /><br />“If the Bamital servers are unable to serve customised website, tainted search results will be displayed to user’s browser. Bamital also intercepts web browser traffic and prevents access to certain security-related websites by modifying the Hosts file,” it said.<br /><br />The agency advised internet surfers to deploy trusted anti-virus mechanisms. The <br />CERT-In has advised certain countermeasures like keeping the anti-virus and anti-spyware signatures at desktop and gateway levels up-to-date, enabling firewall and not following unsolicited web links or attachments in email messages.<br /></p>
<p>The Indian internet systems are under a spam attack that “hijacks” search engine requests leading to slow browsing and opening up of suspected websites, the country’s premier cyber security agency has warned in its latest advisory. <br /><br /></p>.<p>A trojan virus called “Bamital” has been detected in the country’s internet network, Computer Emergency Response Team (CERT-In) said in its advisory to internet users.<br /><br />“It has been observed that Bamital is propagating widely. Bamital is a click-jacking trojan which modifies the search results and redirects users to advertisement links.<br />“Bamital is a malware designed to hijack search engine results,” the advisory said.<br /><br />Clicking on any of the displayed search results redirects users to an “attacker controlled command-and-control server (Bamital server),” it said. These Bamital servers then connect to the advertisement server and redirect the search results to websites of the attackers’ choice. <br /><br />It has the ability to click on advertisements without user interaction. The result is poor user experience after clicking on search engines along with an increased risk of further malware infections.<br /><br />“If the Bamital servers are unable to serve customised website, tainted search results will be displayed to user’s browser. Bamital also intercepts web browser traffic and prevents access to certain security-related websites by modifying the Hosts file,” it said.<br /><br />The agency advised internet surfers to deploy trusted anti-virus mechanisms. The <br />CERT-In has advised certain countermeasures like keeping the anti-virus and anti-spyware signatures at desktop and gateway levels up-to-date, enabling firewall and not following unsolicited web links or attachments in email messages.<br /></p>