in 
Infosec
Infosec Malicious Search Engine Optimisation: another headache for Google
Sunday, May 2, 2010 at 3:02AM
t would seem that the spreaders of malware are adopting Search Engine Optimisation techniques targetting the Google search algorithm to ensure that their links to malicious code appear before legitimate websites – this is worrying when around 80% of people do not go beyond the first page of Google search results.
This is happening to the extent that attackers to tracking trends across the Internet and then rapidly optimising their sites to appear high up in the search results. Research by cloud security firm ZScaler found in one instance 90% of top 100 search results on Google for a particular trend were leading to sites hosting malware:
86 links were sending users directly to a malicious, fake antivirus page that tries to install malware.
4 malicious links were down or Google displayed a warning page
Now if 80% of Google users don’t click beyond the front page, which typically contains 10 results, the user at a statistically high chance of clicking on a link to malware.
The attackers are obviously targeting optimising for the Google search algorithm, as the same search conducted on Bing and Yahoo! does not net the same results. ZScaler’s findings are that Bing returned no links to malware and Yahoo! only had 4 links in pages 2, 6 and 7.
What isn’t clear is that are the attackers targeting Google as they have the vast majority of the search market, or are they taking advantage in inherent weaknesses in the Google search algorithm?
This is happening to the extent that attackers to tracking trends across the Internet and then rapidly optimising their sites to appear high up in the search results. Research by cloud security firm ZScaler found in one instance 90% of top 100 search results on Google for a particular trend were leading to sites hosting malware:
86 links were sending users directly to a malicious, fake antivirus page that tries to install malware.
4 malicious links were down or Google displayed a warning page
Now if 80% of Google users don’t click beyond the front page, which typically contains 10 results, the user at a statistically high chance of clicking on a link to malware.
The attackers are obviously targeting optimising for the Google search algorithm, as the same search conducted on Bing and Yahoo! does not net the same results. ZScaler’s findings are that Bing returned no links to malware and Yahoo! only had 4 links in pages 2, 6 and 7.
What isn’t clear is that are the attackers targeting Google as they have the vast majority of the search market, or are they taking advantage in inherent weaknesses in the Google search algorithm?
Reader Comments