Tuesday, September 14, 2010

Malicious Search Suggestions with Google Instant

Yesterday Google launched its streaming search engine, Google Instant, which provides people with instant, real-time search results but also opens the door to search engine optimisation (SEO) poisoning and other problems.

The problem comes from hackers who create malware or fake antivirus programs and then manage to poison Google's search results in order to get their software high on the list. This is often called blackhat SEO, as it uses traditional SEO tactics for malicious purposes. All search engines, but Google in particular, are at risk of blackhat SEO, and that is not a new problem.

However, because Google Instant literally searches for everything as you type, you could be forced into a situation where you are unwittingly searching for rogueware. “As a test, I thought I'd search for 'antivirus' and see what suggestions came up. Lo and behold, Antivir Solution Pro, a well-known rogueware infection, was amongst the suggested search terms,” said Sean-Paul Correll, threat researcher at PandaLabs and founder of the Malware Database.

Those who are not familiar with the rogueware may consider it legitimate, download it and install it, resulting in their computer being infected. The fact that the rogueware was second on the list of suggested terms makes this a worrying possibility, as it amounts to Google's search engine recommending malware. It is also interesting to note that the fourth suggested search term is for the removal of that same rogueware.

