Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Google SERP's show malicious URL links

Cybercrooks produce search engine optimisation poisoning

Article comments

Cybercrooks continue to abuse the web, boosting their ability to produce what's called search engine optimization poisoning so that individuals making use of search engines such as Google's increasingly are ending up with choices that are dangerous malware-laden URL links.

Some 22.4% of Google searches done since June produced malicious URLs, typically leading to fake antivirus sites or malware-laden downloads as part of the top 100 search results, according to the Websense 2010 Threat Report published Tuesday. That's in comparison to 13.7% of Google searches having that outcome in the latter half of 2009, says Patrik Runald, Websense senior manager of security research. 

The rising level of SEO poisoning, also known as "Black Hat SEO," shows that cybercriminals "are fine-tuning their activities and getting better at this," Runald says, adding that although search engines such as Google work hard to try and stymie the Black Hat SEO effect, the trend is evident.

The irony is that when it comes to getting infected by malware, the chances of that are now less risky at porn and adult content sites, historically viewed as a high source of malware (now at 21.8%) than just searching for less scandalous topics, such as news, IT and entertainment. Runald adds that recognized news sites such as CNN or Fox News are not the sources of malicious links but are designed as malware traps to fool people into stumbling upon them through search results.

Black Hat SEO was on display during this year's Haiti earthquake on Jan. 12, when there was active web searches being done to find out news about it and efforts to help, and "bad guys use major crises and events like this to spread their malicious code," the Websense report notes.

Much of the time the victim doing the search who clicks on a bad URL will end up at a rogue antivirus site where someone's trying to sell fake anti-malware software, Runald points out. This year, the trend has been that the rogue A/V vendors expanded to include "exploit kits to get their malware onto the PC" and that malware is now more likely to be ZeuS or other dangerous banking Trojans.

In general, according to the report, the number of malicious sites overall, that is, the number of direct links with some form of malicious content, is up 111% in 2010 over 2009.

And though the Web is a constantly shifting universe, the number of malicious Web sites are also seen to be climbing, from about 1 million per month in April 2009 to 2 million today. Eighty percent of legitimate sites have at one point or another been compromised in some form and usually then cleaned up, according to Websense.

It also notes social-networking giants Facebook and Twitter are also rapidly rising as vehicles for malware and spam. For instance, 40% of all Facebook status updates have links and 10% of those links are either spam or malicious, according to Websense.

The 2010 Threat Report also highlights:

* The United States at 53.7% and China at 24.8% are the top countries in 2010 for malware on the Web, with the remaining countries, such as Spain, Brazil the Netherlands and others, holding less than 6%.

* The United States is the top country for hosting crimeware (such as banking Trojans or other malware to conduct cybercrime) at 34.2%, followed by China at 11.79% and Brazil at 10.28%.

* The United States was the top country hosting phishing sites at 44.7%, followed by Sweden at 37.21%.

* The top five hosts for data-stealing code for 2010 were: pc-optimizer.com; host127-0-0-1.com; beancountercity.in; 0texkax7c6hzuidk.com; and googlegroups.com.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *