Google researchers on the hunt for malware
Thursday, February 14, 2008/
A study by Google researchers has found that 1% of all of the billions of search results around the world pointed to at least one result containing malicious content or malware, Information Week reports.
After 18 months hunting down dodgy websites, the Google scientists uncovered more than three million unique URLs on more than 180,000 websites that attempt to install malware on visitors’ computers.
Even more worryingly, the malware trend seems to be increasing, with the researchers detecting more and more of the nasty sites as their search went on.
And in a finding that probably won’t please their bosses up the Google corporate chain, the researchers found that the explosion in online advertising could be part of the reason for the rise of malware, with around 2% of malicious websites delivering malware via ads embedded in other sites.
“Today, the majority of web advertisements are distributed in the form of third-party content to the advertising web site,” the report explains. “This practice is somewhat worrisome, as a web page is only as secure as its weakest component.
“In particular, even if the web page itself does not contain any exploits, insecure ad content poses a risk to advertising web sites. With the increasing use of ad syndication (which allows an advertiser to sell advertising space to other advertising companies that in turn can yet again syndicate their content to other parties), the chances that insecure content gets inserted somewhere along the chain quickly escalates. Far too often, this can lead to web pages running advertisements to untrusted content.”