WFTM
WFTM aka Waiting For The Moon
I created my Tumblr on the night of a lunar eclipse. Hence I was waiting for the moon.
-----------------------------------------------------------
flickr candid street email
Music
My Photos
Archive
RSS feed
Theme by Stijn
January 18th
11:44 PM
15 notes
Source

Malware Spread through Search Engine Results

Part of my job is to cleanup PCs that have been infected with malware, maleware has completely replaced viruses, we rarely see a virus on a PC. This is the introduction to a paper entitled deSEO: Combating Search-Result Poisoning published by members of the University of Washington Computer Sciences Department. LINK >

The spread of malware through the Internet has increased dramatically over the past few years. Along with traditional techniques for spreading malware (such as through links or attachments in spam emails), attackers are constantly devising newer and more sophisticated methods to infect users. A technique that has been gaining prevalence of late is the use of search engines as a medium for distributing malware. By gaming the ranking algorithms used by search engines through search engine optimization (SEO) techniques, attackers are able to poison the search results for popular terms so that these results include links to malicious pages.

A recent study reported that 22.4% of Google searches contain such links in the top 100 results [23]. Furthermore, it has been estimated that over 50% of popular keyword searches (such as queries in Google Trends [9] or for trending topics on Twitter [20]), the very first page of results contains at least one link to a malicious page [19]. Using search engines is attractive to attackers because of its low cost and its legitimate appearance. Malicious pages are typically hosted on compromised Web servers, which are effectively free resources for the attackers. As long as these malicious pages look relevant to search engines, they will be indexed and presented to end users. Additionally, users usually trust search engines and often click on search results without hesitation, whereas they would be wary of clicking on links that appear in unsolicited spam emails. It is therefore not surprising that, despite being a relatively new form of attack, searchresult poisoning is already a huge phenomenon and has affected major search engines.

Entire Paper

#malware      #crime      #internet      #seo     
  1. tsparks posted this