Search engines to blame for malware spread?



There are a couple news stories about a McAfee SiteAdvisor report about the search engines responsibility for sites that distribute malware.

McAfee said Friday that the epidemic of spyware and viruses could be linked to search engines. According to research from the company, even seemingly benign search terms could bring up sites loaded with nasty payloads.

The study looked at the five major search engines — Google, Yahoo, MSN, AOL, and Ask — and covered a period from January through April. Researchers found that in every search engine, popular keywords returned sites that could be potentially dangerous.

What’s worse, in popular keywords such as “free screensavers,” “digital music,” “popular software,” and “singers,” as much as 72 percent of the returned results contained some kind of risky link.


This really isn’t a big surprise to me. I’ve known people to pick up pests just browsing for lyrics. What is a bit more disturbing is the SPONSORED LINKS were 2-4 times more likely to be sites with malware….

Even worse, sponsored results contained two to four times as many dangerous sites as organic results, according to the survey, which combined data from SiteAdvisor’s automated Web crawlers and new searches using popular keywords culled from the Google Zeitgeist and other industry sources.

I know several times I’ve gone through and filtered NUMEROUS domains from the google adsense ads on this site. My concern is that there are so many that MANUAL filtering is not working. It would be nice if google could sniff the content of a target page and cross reference against known malware definitions for attempts to auto-download. Then ban the site if a match is found.

I don’t know if I would hold the search engines responsible for the organic results. There is NO way, they can re-crawl the web fast enough to keep up with the shifting sands of the web as it is, much less adding the burden of screening for sites that have malware (and what if the site adds it after they’ve been indexed…?) But, the sponsored links, if ANYTHING should be LESS likely to have such pests. That SHOULD be one of the safer havens. That is IF they are to succeed in having people feel comfortable clicking on the links.

The most dangerous keywords include “free screensavers,” “bearshare,” “kazaa,” “download music” and “free games.”

This is definitely something that they (MSN/YAHOO/GOOGLE/et al) need to seriously work on. In all fairness, MSN had the safest results, perhaps due to their Strider HoneyMonkey Detection More details at the articles above.

   Send article as PDF   

Similar Posts