Google vs. Bing: Search Engines Deliver Infected Websites as Their Top Results

A detailed AV-TEST study
recently revealed that although
search engine operators such
as Google and Bing make a lot
of effort to avoid doing so, they
sometimes deliver websites
infected with Trojans and
similar malware among their
top search results. Other
search engines do an even
worse job. Markus Selinger
It took the AV-TEST Institute
from the German city of
Magdeburg a total of 18
months to carry out a study that would
confirm its initial suspicion, namely that the
best-known search engines Google and Bing are
being used to include websites containing
malware among the top search results delivered
to users. This exploitation of search engines is
causing their operators to be
tripped up by their very own
systems.Behind the scenes, the
operators are therefore
working to solve the problem
and are already filtering out a
multitude of infected websites.
Nevertheless, if Internet users
choose to surf the web without
good protection software, they
are sure to be hit by such
infections themselves at some
point in time. The study carried
out by AV-TEST between
August 2011 and February
2013 did indeed confirm this
suspicion.During its study, the
institute investigated over 40
The relationship between the websites examined and the
malware found seems harmless at first glance. If we factor in the
fact that Google processes around 2 to 3 billion search requests
every day, however, it becomes clear that hundreds of thousands
of infected websites are delivered to users on a daily basis.e
This document may be copied free of charge but the source must be stated and the AV-TEST GmbH logo must be displayed. 2
Norton Safe Web: Like many
other Internet security packages,
Norton, for example, also offers
an analysis tool that checks search
results in users’ browsers in real
time. Users are then shown a
corresponding warning in the case
of suspicious websites.
million websites delivered as search engine
results.
Very Complicated – Very Effective
Malware developers are now putting more
and more effort into their work, for example
in order to distribute their spyware programs
or Trojans. They therefore exploit search
engines for their own purposes and sneak
infected websites into the top results
delivered to users. The trick used by these
criminals is actually very simple: they first
create a multitude of small websites and blogs
before selecting the most frequently used
search terms from top news stories and using
backlinks to optimise these terms for search
engines. This process of optimising websites
for search engines, known as SEO (search
engine optimisation) for short, is used by all
major website operators to ensure that their
sites are easier to find. The way to ensure that
a website is the quickest to be found is to
achieve a place in the top ten search results
delivered by Bing or Google.
The study revealed that it was precisely those
search results concerning the latest news that
particularly frequently contained malicious links.
Users are the least suspicious in such cases and
therefore quickly click on the links provided.
This extremely perfidious system works well,
meaning that PCs with less reliable protection
software soon become infected. In 2012, the
test institute from Magdeburg constantly
tested almost all of the security programs
available on the market. The average
detection rate of these programs throughout
the year was 92.5 percent, which indicates
that 7.5 percent of users are potential targets
for malware attackers.
If a user relies on a good security program, the
detection rate can be as high as 100 percent.
You can find out which Windows products
provide such impressive detection rates for free
by visiting www.avtest.org/tests/home-user.
Google Is Better than Bing
The study carried out by AV-TEST evaluated
close to 40 million websites over a period of
18 months. A good 20 million of these
websites were provided by Google and Bing in
equal parts. The other websites examined in
the test were accessed via the globally used
search engines Yandex, Blekko, Faroo, Teoma
and Baidu. The heavyweight of the search
engines tested was the Russian system
Yandex, which provided over 13 million of the
websites investigated.
Google achieved the best results in the study,
followed by Bing. Attention must, however, be
drawn to the fact that Bing delivered five times
as many websites containing malware as
Google during the study. The Russian search
engine Yandex even delivered 10 times as many
For more information, please visit
www.av-test.org.
The latest information on this test and
other studies, as well as up-to-date spam
and malware statistics, can always be
found on the AV-TEST GmbH website.