Reports say that certain malware distributing sites are making their way to the top of Google's search results, taking advantage of their PageRank system.
Google Purges Malware Websites
This week, news spread in the web saying that malware sites are taking advantage of Google's PageRank system to appear on the top of the search results. Researchers confir
med this Wednesday that Google Inc. has cleaned its index for malware websites.
Malware websites forced its way to the top of search results in Google search by processes known as spamdexing and Google bombing. Spamdexing creates invisible text in the websites that is used to lure users to the websites and is usually irrelevant to the page's content, while Google bombing employs the work of bots that increases the PageRank of a page. For more information about these techniques, see the article, Clicking Google Search Result May Lead to Malware in Sonicsoft Wired.
Researchers, however, said that Google has purged the malware sites from its index, effectively removing these sites from appearing on their search results.
The malware sites, once visited, will attempt to install tons of spywares, viruses, password stealers, rootkits onto the user's system. These malwares are easily prevented by the most recent patches available and uses no new exploits of software.
"They look gone to us," said Alex Eckelberry, the CEO of Sunbelt Software Distribution Inc., the company that broke the news Monday of a massive, coordinated campaign by attackers to spread malware through search results on Google, Yahoo, Microsoft Live Search and other sites.
Google did confirm yesterday with us that they were working the case, and they are good about nailing this stuff," Eckelberry added. He notified Google about his research this Monday.
Ironically, Google refuses to confirm or deny that it did remove from its index the 40,000 malware hosting sites, or even that they had existed. "Google takes the security of our users very seriously, especially when it comes to malware," a company spokeswoman said Wednesday. "In our search results, we try to warn users of potentially dangerous sites when we know of them. Sites that clearly exploit browser security holes to install software, such as malware, spyware, viruses, adware and Trojan horses, are in violation of the Google quality guidelines and may be removed from Google's index."
However, she did not mention how long Google made the purge, and if the company had ever done any countermeasures against malware sites from perform this kind of trick in the future.
Microsoft has just confirmed the presence of the malware sites, and are working on it, says a representative of the Live Search team. Yahoo has not yet made a comment.
No comments:
Post a Comment