Spammers are no stranger to exploiting existing file-sharing services to propagate their warez and Google has been used in the past to bring some sense of legitimacy to a scam. In a scam that we recently uncovered, user's will receive a URL shortened link, which will lead them to a malicious ad, hosted within Google Docs. There is no malware explicitly hosted on Google docs, but rather a link to a scam which is too tempting not to click...
 |
| A must-click to be sure. |
This particular scam is capitalizing on PC video gamer's desire to download free software. The download link will take the user to freeware site that will supposedly give them the most innovative Goat game to date.
 |
| gripped(.)biz redirects the user to many different Adware packages |
User's will leave the site disappointed however, when they realize that the only thing available is a series of fake codecs, media players, and Browser Helper Objects.
 |
| User's come for the Goat Simulator, but stay for the bogus media player. |
In this specific attack, user's are subjected to just about every modern adware scam to date. I attempted the download a few times and uncovered separate packages which scored very low on VirusTotal.
ShopAtHome Toolbar - b181e5f9cfa97c43841fe2e385c974fa
MediaPlayerClassic - 408e8969cd0abd153eab6696f8add363
Sadly, neither download provides access to Goat Simulator 2014, but instead just continues to take advantage of the user's good faith by offering them free gift cards if they enter their e-mail address and Personal Identifiable Information.
ShopAtHome Toolbar - b181e5f9cfa97c43841fe2e385c974fa
MediaPlayerClassic - 408e8969cd0abd153eab6696f8add363
Sadly, neither download provides access to Goat Simulator 2014, but instead just continues to take advantage of the user's good faith by offering them free gift cards if they enter their e-mail address and Personal Identifiable Information.
 |
| Any e-mail address will be spammed. |
The conclusion that users and administrator's should come to is that there is no safe haven from malicious or suspicious content on the Internet. All content should come under the scrutiny of a security solution, including Google Document Sharing. Nothing in this life is free, let alone the most innovative Goat Simulator ever conceived by man.
