The worm sends Google a specific search request, essentially asking for a list of vulnerable sites. Armed with the list, the worm then attempts to spread to those sites using a PHP request designed to exploit the phpBB bulletin board software.
The worm is the latest twist on using Google as an attack tool, a practice known as Google hacking. It may also be the first time that a program used Google to identify victims for an attack.
More info in this news release from Kapersky Lab.