Skip navigation

Google vs. Bing: Search Engines Deliver Infected Websites as Their Top Results

A New AV-TEST Study: Search Engines as Malware Providers.<br> A detailed AV-TEST study recently revealed that although search engine operators such as Google and Bing make a lot of effort to avoid doing so, they sometimes deliver websites infected with Trojans and similar malware among their top search results. Other search engines do an even worse job.

Top Website Containing Malware Delivered by Search Engines.  The relationship between the websites examined and the malware found seems harmless at first glance. If we factor in the fact that Google processes around 2 to 3 billion search requests every day, however, it becomes clear that hundreds of thousands of infected websites are delivered to users on a daily basis.

Norton Safe Web: Like many other Internet security packages, Norton, for example, also offers an analysis tool that checks search results in users’ browsers in real time. Users are then shown a corresponding warning in the case of suspicious websites.

Over 110 Million Pieces of Malware Are Already Active.  The current amount of existing malware is continuing to grow inexorably. In fact, AV-TEST most recently recorded as many as over 110 million pieces of malware in March 2013. This increase in malware is also resulting in a constantly growing number of infected websites.

It took the AV-TEST Institute from the German city of Magdeburg a total of 18 months to carry out a study that would confirm its initial suspicion, namely that the best-known search engines Google and Bing are being used to include websites containing malware among the top search results delivered to users. This exploitation of search engines is causing their operators to be tripped up by their very own systems. Behind the scenes, the operators are therefore working to solve the problem and are already filtering out a multitude of infected websites. Nevertheless, if Internet users choose to surf the web without good protection software, they are sure to be hit by such infections themselves at some point in time. The study carried out by AV-TEST between August 2011 and February 2013 did indeed confirm this suspicion. During its study, the institute investigated over 40 million websites delivered as search engine results.

Very Complicated – Very Effective

Malware developers are now putting more and more effort into their work, for example in order to distribute their spyware programs or Trojans. They therefore exploit search engines for their own purposes and sneak infected websites into the top results delivered to users. The trick used by these criminals is actually very simple: they first create a multitude of small websites and blogs before selecting the most frequently used search terms from top news stories and using backlinks to optimise these terms for search engines. This process of optimising websites for search engines, known as SEO (search engine optimisation) for short, is used by all major website operators to ensure that their sites are easier to find. The way to ensure that a website is the quickest to be found is to achieve a place in the top ten search results delivered by Bing or Google.

The study revealed that it was precisely those search results concerning the latest news that particularly frequently contained malicious links. Users are the least suspicious in such cases and therefore quickly click on the links provided.

This extremely perfidious system works well, meaning that PCs with less reliable protection software soon become infected. In 2012, the test institute from Magdeburg constantly tested almost all of the security programs available on the market. The average detection rate of these programs throughout the year was 92.5 percent, which indicates that 7.5 percent of users are potential targets for malware attackers.

If a user relies on a good security program, the detection rate can be as high as 100 percent. You can find out which Windows products provide such impressive detection rates for free by visiting www.avtest.org/tests/home-user.

Google Is Better than Bing

The study carried out by AV-TEST evaluated close to 40 million websites over a period of 18 months. A good 20 million of these websites were provided by Google and Bing in equal parts. The other websites examined in the test were accessed via the globally used search engines Yandex, Blekko, Faroo, Teoma and Baidu. The heavyweight of the search engines tested was the Russian system Yandex, which provided over 13 million of the websites investigated.

Google achieved the best results in the study, followed by Bing. Attention must, however, be drawn to the fact that Bing delivered five times as many websites containing malware as Google during the study. The Russian search engine Yandex even delivered 10 times as many infected websites in comparison with Google.

All of the websites tested revealed a total of 5000 potential pieces of malware. When fed into calculations, this result only leads to a small overall percentage of infected websites. Nevertheless, it is important to remember that Google alone deals with a phenomenal total of 2 to 3 billion search requests worldwide every day. If this total is factored into the calculations, the total number of websites containing malware found by the search engine is enough to make your head spin!

Up-to-Date Systems Are More Secure

The infected websites mostly use malware that exploits existing security vulnerabilities in users’ software. These vulnerabilities normally involve outdated browsers, old add-ons or extensions and out-of-date versions of PDF readers. Users can drastically reduce the likelihood of infection by keeping the software on their systems up to date. They can also guarantee that they have the best possible protection by additionally using high-quality security software that is constantly updated.

Share news: