tumblr hit counter

Malicious Search Suggestions with Google Instant

Sep 8

Google just released its brand new search technology labeled “Google Instant,” which works by dynamically accelerating search results as you type into the Google search box.  Google Instant essentially predicts what users will type and rapidly makes suggestions on which search term is most relevant to what is being typed in real time.

So what?  Well, we’re kind of concerned…

If you’ve followed our blog in the past, then you know that Google hasn’t done a great job in mitigating Blackhat SEO threats, which have plagued search results for years.  As a test, I thought I’d search for “antivirus” and see what suggestions came up. Lo and behold, Antivir Solution Pro, a well known Rogueware infection was amongst the suggested search terms.

Google Instant Malicious Search Suggestion

Let’s segue from the problem of malicious search suggestions and get right down to the real problem here. I’m more concerned how this new technology can potentially improve existing Blackhat SEO campaigns.  We know for a fact that most Blackhat SEO campaigns automatically query Google’s trending topic results and now it seems that Google Instant will be suggesting those trending phrases (verbatim), potentially putting millions of victims directly in cyber criminals’ cross hairs.

Only time will tell, but we can see Google Instant aiding Blackhat SEO campaigns real soon.

Stay safe out there!

Post to Twitter

  • (7) Comments

Comments

  1. Bob says:

    All of the instant results are for removing Antivir Solution Pro. I don’t see a problem here.

    • Bob, the point is that cyber criminals use automated scripts to strip relevant and timely “trending topics” from Google for Blackhat SEO purposes. Now, lets say that the search term

      massive worm outbreak cripples network’s worldwide

      is on the trending topic list. If you go to Google and start typing “massive worm…” then Google examines the most relevant search terms and autocompletes the search for you. Great! The only problem is that cyber criminals are targeting these exact search terms every second. 100% of trending topics are actively targeted by cyber criminals.

      • Stick says:

        While using a search suggestion might produce results that include nefarious links, the fact that such links are present at all is an unrelated problem, which would still exist whether Google Instant existed or not.

        The fact that trending topics can be used by Black Hat SEOs at all means that huge volumes of people are searching for those query strings intentionally and will continue to do so with or without Instant.

        On the flip side, Instant’s use of trending topics also gives Google specific queries to subject to greater scrutiny when scanning for malware.

Trackbacks

  1. [...] dazu auf dem Blog der PandaLabs. Weitere verwandte [...]

  2. [...] se revele útil, o Google Insant também pode apresentar algumas controvérsias: a PandaLabs escreveu no seu blog um artigo sobre como este mecanismo pode aumentar as probabilidades de sucesso dos ataques usando [...]

  3. [...] Malicious Search Suggestions with Google Instant >> PandaLabs Blog“If you’ve followed our blog in the past, then you know that Google hasn’t done a great job in mitigating Blackhat SEO threats, which have plagued search results for years. As a test, I thought I’d search for “antivirus” and see what suggestions came up. Lo and behold, Antivir Solution Pro, a well known Rogueware infection was amongst the suggested search terms.” [...]

  4. [...] when I said that Google Instant was a potential security disaster? Well, it turns out that Google’s new Instant Preview feature can help lure innocent victims [...]

Leave a Reply

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

  • Become a fan!


    Panda Security on Facebook
  • Blogroll

  • Categories