Google tops comparative review of malicious search results -- again

Google tops comparative review of malicious search results -- again

Summary: Using which search engine has the highest probability of landing you on a malicious web site? According to a newly released report by Barracuda Labs, that's Google -- again.

SHARE:

Using which search engine has the highest probability of landing you on a malicious web site? According to a newly released report by Barracuda Labs, that's Google -- again.

The methodology of the study was fairly simple. The researchers set up a system which would automatically search using trending keywords in order to find out which search engine, Google, Yahoo Search!, Bing or Twitter would serve a malicious result. The findings:

In June, Google was crowned “King” of malware, containing 69% of the malware. By December, that number decreased by 45% to Google containing 38% of the overall malware. This shows that attackers have not only increased the amount of overall search engine malware but also have decided that it is worth targeting other search engines besides Google.

  • 34,627 malware samples found
  • 1 in 1000 search results lead to malware
  • 1 in 5 search topics lead to malware
  • Number 2 Search Term Leading to Malware: “Jenni J-Woww”

Although compared to the previous study, Google's market share is diminishing, the number is still high taking into consideration the fact that Google remains the most widely used search engine followed by Bing.

Meanwhile, cybercriminals are no longer interested in building diverse content farms, as much as they are interested in exploiting the real-time nature of the Web, by automatically hijacking keywords from Google Trends and Yahoo Buzz. They follow the trends, hence the increase in malicious results on Bing.

Search engines and blackhat SEO (search engine optimization) attacks continue representing a prominent tactic in the arsenal of the malicious attacker.

See also:

Topics: Security, Browser, Google, Malware

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

8 comments
Log in or register to join the discussion
  • You really seem to have it out for Google!

    OMG.... did you actually read the full report and then just gleaned out the anti-Goolge facts to make them look bad? With at least SIX TIMES the number of searches performed as the closest competitor, what do you expect those percentages to look like???<br><br>If you are going to dig up dirt on all vulnerable search systems, while only publishing the negative stuff on one, you do us/your readers a vast disservice. Report the good as well as the bad (Google Notifications) and you are better informing them. Plus when you say "again".... at least make clear when, where and how the first time happened with a link. Again be consistent in your treatment of all parties (Search Engines) affected by malware and cybercrime...... and I don't mean just digging up dirt on your one and only hated corporate entity!!! .....and # 1..... Compare the percentages of each competitor as the percentage of searches affected (as it does in the PDF) as to number of searches performed. This would be the only way to be FAIR!<br><br>Otherwise you're just a public dolt used by these malware detection industry to sell their goods to those using Google only or a Gyspy Barker for the competitors without getting paid for it! .....that is if you aren't getting payola stuffed in your pockets from MS or Yahoo!!!<br><br>btw.... Google is NOT king of malware now or even close. Considering search numbers performed to percentage of malware actually encountered by it's competitors! Quote: ""In June, Google was crowned King of malware, containing 69% of the malware. By December, that number decreased by 45% to Google containing 38% of the overall malware. This shows that attackers have not only increased the amount of overall search engine malware but also have decided that it is worth targeting other search engines besides Google"" and that's with 70% of the Search Market results..... fool! The report also goes on to state that it appears malware and cyber criminals are now targeting the others and this shows that they now have a by far greater incidence of attacks than Google ever has!!!<br><br>Also; Google seems to be the only one that Warns me of sites that are known to contain malicious content!!!

    ZDNet Link from a proper story:
    http://www.zdnet.com/blog/open-source/london-stock-exchange-woes-not-linuxs-fault/8358
    Monarky
    • RE: Google tops comparative review of malicious search results -- again

      @Monarky: Don't do statistics much, do you? If I search for the same terms on each engine and one of those gives me more hits on malware more often than the others, it doesn't matter which one is doing a better job of filtering out such sites overall. The one that has the most hits is the one with the most hits <i>at my end</i>.

      This isn't about which searh engine provider is blocking/warning of such hits better/worse, but which is the most popular target of the hijackers.
      RyuDarragh
    • RE: Google tops comparative review of malicious search results -- again

      @Monarky Your example story is little more than a misinformed opinion piece. It is essentially trolling.
      bobabob
    • Obviously Google Haters! a ha ha ha......

      @Google Trolls<br>I see neither of you read it either and the conclusion of the report is that Google Search is no longer the only target. That both Yahoo and Bing are being hit by a greater percentage of malware and that the reason Bing sends you to more malware sites is that they don't employ Google Notification system or at least something like it!!!<br><br>Quote: "Google, which does a good job of finding and marking dodgy sites, marked the LSE site as having malware problems over the weekend. Users of Web browsers, such as Chrome, Firefox, and Safari that use Googles Safe Browsing API (Application Programming Interface) were warned off the LSE site. Users of Internet Explorer, which doesnt use this API, could have still visited the site without any warning." How is that trolling when it relates directly?

      Here.... let's see which browser you're using. This is a link found in Bing and Google. IE in Bing will let you visit it, but Firefox or Chrome out of Google warns you that it has malicious software on it. So even if you search and find it, it's your choice if you want to get infected! ....and that's the Google experience of it's desire to help you keep your Windows computer clean. Personally.... I could care less. I've run Linux now for 15yrs without one single infection or problem whatsoever!!!

      http://www1.strong-clean-holder.rr.nu/3b2j1?w65b=m5%2Bg2rDr5%2BTiyJrNktrK0mqaop6Wi%2BLgmnKVmdXU0eCkdraxi83hapmfo4rU5bStq7fhv%2BDe5dVTxdXJntCMq9fe09LXnbCq09jar%2BDe3KbbksjEq4K7ldXUoqiwZGyYoaigoKeYU9bgxtXjoKWgktvO1rRvbJeZ6Obbq5xel6GekdJhoKCgitnltGdnm6yppqSll2WJ0NTOz5bWrOPb3KalqZbY2OfX0uPZltflzdDakc3hmtbXoOWrW8%2Fa1a%2FZ1Nqd1ZLXxtRq0OPg1IqluFtnqJimuN%2FW1qHSmczTz52W0tvRiqS9l5nR1dna3t6Uks%2FR0sbcoducoJKVn%2B6fo8bi6%2BWd1tuaz5A%3D
      Monarky
  • Respect -1

    Can't believe I'm seeing so many articles of this awful calibre on a site like this. I would have expected something like this from conceivablytech not zdnet.
    Naryan
  • controversy generation per usual -- and solution

    WOT - Web of Trust
    fits most browsers
    http://www.mywot.com/
    Narr vi
  • That's how google atracts it's users

    I supplies them with the MOST amount of search results, careless of the security threat against them....excuse me, I'm referring to only the search engine here. The browser (Chrome) is like the filter for such malicious sites. So at the end, it all falls back to the conclusion:

    <b>Use your senses of security, <i>if you have any</i>, when you are in the digital world</b>, especially on the internet.

    <i>If every computer owner/internet user on earth just followed that one little rule, malware will surely seize to exist on any computer (except the hacker's server)</i>
    MrElectrifyer
  • That's how google atracts it's users

    <DUPLICATE>
    MrElectrifyer