Microsoft disabled the search function on its Safety and Security Center this past weekend after scammers hijacked it to redirect queries to porn sites.
The problem began last Friday (July 8), when researchers at the security vendor GFI discovered that Microsoft's Safety and Security Center was yielding a host of porn websites after users entered certain keywords into the search bar.
The search results included links to pages offering "free porn," free Filipino porn" videos, and "YouTube sex," GFI wrote in a blog.
This cybercrime tactic of tricking a search engine into giving top billing to rogue pages is called blackhat SEO (or poisoned SEO), and is often deployed to capitalize on trending Web topics.
Microsoft's Safety and Security Center is essentially a one-stop hub for computer safety, housing information on how to create strong passwords, avoid viruses and malware and protect yourself from Internet scams. So it's with no small amount of irony that this attack hit only the safety center, and no other Microsoft Web pages.
[Suckers! A Decade of Successful Internet Scams]
The porn pages hid more dangerous weapons aimed at infecting users' computers; GFI Labs reports that several of the links contained malicious downloads.
The search function has since been fixed.