Is Google infecting PCs? Google Caching JavaScript Trojans in Web Cache

While looking up New Year’s Eve celebrations taking place in the mountains of North Carolina today I came across a hacked site. That is nothing out of the ordinary, however, the site’s payload is a trojan deliverable via a JavaScript. The way this works, is, you visit the site, the script gets executed via your browser, your PC gets infected.

The page is

Information about the high country is tough to find online so I backed up and tried to pull the page from Google’s Cache (related = view webpages cached in Google Search results). I was shocked to discover that Google had pulled the trojan and placed it in their cache.

I didn’t test it but I am fairly certain that if you browse Google’s cache using a vulnerable PC you will be infected!

screenshot of cached JS trojan

I’m not quite sure how Google could fix this issue. As I reported earlier in the week, Google does crawl and index JS content, so it makes sense that it would cache it as well.

I double checked the page via Securi, and it is indeed compromised:

I was finally able to access an outdated copy of the page via the Wayback Machine.


Leave a Reply