Google tops comparative review of malicious search results -- again

Summary:Using which search engine has the highest probability of landing you on a malicious web site? According to a newly released report by Barracuda Labs, that's Google -- again.

Using which search engine has the highest probability of landing you on a malicious web site? According to a newly released report by Barracuda Labs, that's Google -- again.

The methodology of the study was fairly simple. The researchers set up a system which would automatically search using trending keywords in order to find out which search engine, Google, Yahoo Search!, Bing or Twitter would serve a malicious result. The findings:

In June, Google was crowned “King” of malware, containing 69% of the malware. By December, that number decreased by 45% to Google containing 38% of the overall malware. This shows that attackers have not only increased the amount of overall search engine malware but also have decided that it is worth targeting other search engines besides Google.

  • 34,627 malware samples found
  • 1 in 1000 search results lead to malware
  • 1 in 5 search topics lead to malware
  • Number 2 Search Term Leading to Malware: “Jenni J-Woww”

Although compared to the previous study, Google's market share is diminishing, the number is still high taking into consideration the fact that Google remains the most widely used search engine followed by Bing.

Meanwhile, cybercriminals are no longer interested in building diverse content farms, as much as they are interested in exploiting the real-time nature of the Web, by automatically hijacking keywords from Google Trends and Yahoo Buzz. They follow the trends, hence the increase in malicious results on Bing.

Search engines and blackhat SEO (search engine optimization) attacks continue representing a prominent tactic in the arsenal of the malicious attacker.

See also:

Topics: Security, Browser, Google, Malware

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.