Domain Name Squatters target Google

Google has recently registered four new domain names - GoogleMagazines.com, GooglePapers.org, GoogleMicrofilm.com and GoogleLibrary.org.

But Domain-name Squatters are registering Google related domain names in the hope that either Google will buy them back or another speculator will buy them at a higher price.

A simple misspelling of Google's domain name could lead to a Web surfer's worst nightmare. In a new twist to the old practice of "typosquatting," virus writers have registered every possible variation of google.com to take advantage of any users who mistype the spelling of the google.com URL.

The whois database reveals that the largest gooo...ogle.com domain name has the letter 'o' repeated 59 times. Infact, cyber Squatters have registered all variations of domain names that rhym like google.com See the complete list of domain names below. Some of them are owned by Google Inc.

gogle.com google.com gooogle.com goooogle.com gooooogle.com goooooogle.com gooooooogle.com goooooooogle.com gooooooooogle.com goooooooooogle.com gooooooooooogle.com goooooooooooogle.com gooooooooooooogle.com goooooooooooooogle.com gooooooooooooooogle.com goooooooooooooooogle.com gooooooooooooooooogle.com goooooooooooooooooogle.com gooooooooooooooooooogle.com goooooooooooooooooooogle.com gooooooooooooooooooooogle.com goooooooooooooooooooooogle.com gooooooooooooooooooooooogle.com goooooooooooooooooooooooogle.com gooooooooooooooooooooooooogle.com goooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooooooooooooooooooooooogle.com goooooooooooooooooooooooooooooooooooooooooooooooooooooooooogle.com gooooooooooooooooooooooooooooooooooooooooooooooooooooooooooogle.com
According to F-Secure's alert, the attack scenario also includes a separate Trojan dropper that copies itself to the Windows System folder with a random name and drops a DLL that modifies the HOSTS file to block connection to several anti-virus Web sites.

Another executable also drops a DLL file into the Windows System folder and prompts a fake virus alert on a desktop. The fake alert warns the user about a computer infection and prompts the user to yet another malicious site promising virus protection.

The Web site offers links to several different sites offering anti-virus and spyware cleaners for download. Those downloads all turn out to be a "toolbar.exe" file that is actually an adware installer, which installs a spyware toolbar known as "Perez," F-Secure said.