Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Avtest 2013 03-search_engines_malware_english


Published on

  • Be the first to comment

  • Be the first to like this

Avtest 2013 03-search_engines_malware_english

  1. 1. A New AV-TEST Study:Search Engines as Malware ProvidersGoogle vs. Bing: Search Engines DeliverInfected Websites as Their Top ResultsA detailed AV-TEST studyrecently revealed that althoughsearch engine operators suchas Google and Bing make a lotof effort to avoid doing so, theysometimes deliver websitesinfected with Trojans andsimilar malware among theirtop search results. Othersearch engines do an evenworse job. Markus SelingerIt took the AV-TEST Institutefrom the German city ofMagdeburg a total of 18months to carry out a study that would being used to include websites containingconfirm its initial suspicion, namely that the malware among the top search results deliveredbest-known search engines Google and Bing are to users. This exploitation of search engines is causing their operators to be tripped up by their very own systems. Behind the scenes, the operators are therefore working to solve the problem and are already filtering out a multitude of infected websites. Nevertheless, if Internet users choose to surf the web without good protection software, they are sure to be hit by such infections themselves at some point in time. The study carried out by AV-TEST between August 2011 and February The relationship between the websites examined and the 2013 did indeed confirm this malware found seems harmless at first glance. If we factor in the suspicion. During its study, the fact that Google processes around 2 to 3 billion search requests institute investigated over 40 every day, however, it becomes clear that hundreds of thousands of infected websites are delivered to users on a daily basis.This document may be copied free of charge but the source must be stated and the AV-TEST GmbH logo must be displayed. 1
  2. 2. e Norton Safe Web: Like many other Internet security packages, Norton, for example, also offers an analysis tool that checks search results in users’ browsers in real time. Users are then shown a corresponding warning in the case of suspicious websites.million websites delivered as search engine detection rate of these programs throughoutresults. the year was 92.5 percent, which indicatesVery Complicated – Very Effective that 7.5 percent of users are potential targets for malware attackers.Malware developers are now putting more If a user relies on a good security program, theand more effort into their work, for example detection rate can be as high as 100 order to distribute their spyware programs You can find out which Windows productsor Trojans. They therefore exploit search provide such impressive detection rates for freeengines for their own purposes and sneak by visiting websites into the top resultsdelivered to users. The trick used by thesecriminals is actually very simple: they first Google Is Better than Bingcreate a multitude of small websites and blogs The study carried out by AV-TEST evaluatedbefore selecting the most frequently used close to 40 million websites over a period ofsearch terms from top news stories and using 18 months. A good 20 million of thesebacklinks to optimise these terms for search websites were provided by Google and Bing inengines. This process of optimising websites equal parts. The other websites examined infor search engines, known as SEO (search the test were accessed via the globally usedengine optimisation) for short, is used by all search engines Yandex, Blekko, Faroo, Teomamajor website operators to ensure that their and Baidu. The heavyweight of the searchsites are easier to find. The way to ensure that engines tested was the Russian systema website is the quickest to be found is to Yandex, which provided over 13 million of theachieve a place in the top ten search results websites investigated.delivered by Bing or Google. Google achieved the best results in the study,The study revealed that it was precisely those followed by Bing. Attention must, however, besearch results concerning the latest news that drawn to the fact that Bing delivered five timesparticularly frequently contained malicious links. as many websites containing malware asUsers are the least suspicious in such cases and Google during the study. The Russian searchtherefore quickly click on the links provided. engine Yandex even delivered 10 times as manyThis extremely perfidious system works well, For more information, please visitmeaning that PCs with less reliable protection soon become infected. In 2012, thetest institute from Magdeburg constantly The latest information on this test andtested almost all of the security programs other studies, as well as up-to-date spamavailable on the market. The average and malware statistics, can always be found on the AV-TEST GmbH website.This document may be copied free of charge but the source must be stated and the AV-TEST GmbH logo must be displayed. 2
  3. 3. einfected websites in comparison with Google. readers. Users can drastically reduce the likelihood of infection by keeping the softwareAll of the websites tested revealed a total of on their systems up to date. They can also5000 potential pieces of malware. When fed guarantee that they have the best possibleinto calculations, this result only leads to a protection by additionally using high-qualitysmall overall percentage of infected websites. security software that is constantly updated.Nevertheless, it is important to remember thatGoogle alone deals with a phenomenal total of2 to 3 billion search requests worldwide everyday. If this total is factored into thecalculations, the total number of websites Magdeburg, Germany, 6th April 2013containing malware found by the search Author: Markus Selingerengine is enough to make your head spin! Please contact the team at AV-TEST GmbH ifUp-to-Date Systems Are More Secure you have any questions. E-mail: presse@av-test.deThe infected websites mostly use malware Tel.: +49 (0)391 6075460that exploits existing security vulnerabilities in Website: www.av-test.orgusers’ software. These vulnerabilities normallyinvolve outdated browsers, old add-ons orextensions and out-of-date versions of PDF Over 110 Million Pieces of Malware Are Already Active The current amount of existing malware is continuing to grow inexorably. In fact, AV-TEST most recently recorded as many as over 110 million pieces of malware in March 2013. This increase in malware is also resulting in a constantly growing number of infected websites.This document may be copied free of charge but the source must be stated and the AV-TEST GmbH logo must be displayed. 3